Submitted URL: https://cutt.us/MZgIB
Effective URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Submission: On November 09 via manual from BR — Scanned from US

Summary

This website contacted 21 IPs in 2 countries across 18 domains to perform 51 HTTP transactions. The main IP is 104.21.80.202, located in and belongs to CLOUDFLARENET, US. The main domain is usfinf.net.
This is the only time usfinf.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 69.61.26.121 141518 (SUBHOST-A...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 142.250.80.66 15169 (GOOGLE)
1 4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 104.21.2.30 13335 (CLOUDFLAR...)
1 7 104.21.80.202 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
12 172.67.153.199 13335 (CLOUDFLAR...)
1 2600:9000:230... 16509 (AMAZON-02)
5 13.33.46.108 16509 (AMAZON-02)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 2607:f8b0:400... 15169 (GOOGLE)
1 13.33.46.58 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:402... 15169 (GOOGLE)
2 2600:9000:226... 16509 (AMAZON-02)
1 172.67.158.162 13335 (CLOUDFLAR...)
1 52.217.168.192 16509 (AMAZON-02)
51 21
Domain Requested by
12 cdn.usfinf.net usfinf.net
cdn.usfinf.net
7 usfinf.net 1 redirects cutt.us
usfinf.net
cdn.usfinf.net
5 rulinecrea.xyz cdn.usfinf.net
4 www.google-analytics.com 1 redirects www.googletagmanager.com
www.google-analytics.com
usfinf.net
3 associalinterva.xyz usfinf.net
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 dufai4b1ap33z.cloudfront.net rulinecrea.xyz
2 freychang.fun cdn.usfinf.net
d1a3jb5hjny5s4.cloudfront.net
2 accounts.google.com usfinf.net
1 s3.amazonaws.com babblecase.com
1 babblecase.com usfinf.net
1 stats.g.doubleclick.net usfinf.net
1 roytheticc.xyz d1a3jb5hjny5s4.cloudfront.net
1 www.facebook.com usfinf.net
1 d1a3jb5hjny5s4.cloudfront.net usfinf.net
1 ajax.googleapis.com usfinf.net
1 fumacrom.com 1 redirects
1 adservice.google.com securepubads.g.doubleclick.net
1 www.googletagmanager.com cutt.us
1 www.googletagservices.com cutt.us
1 cutt.us
0 pagead2.googlesyndication.com Failed securepubads.g.doubleclick.net
51 22

This site contains links to these domains.

Domain
support.adf.ly
adf.ly
Subject | Issuer | Validity | Valid
www.cutt.us | R3 | 2021-10-09 - 2022-01-07 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
*.google.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
upload.video.google.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
rulinecrea.xyz | Amazon | 2021-10-19 - 2022-11-17 | a year
*.associalinterva.xyz | R3 | 2021-11-07 - 2022-02-05 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-08-19 - 2021-11-17 | 3 months
accounts.google.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
roytheticc.xyz | Amazon | 2021-10-19 - 2022-11-17 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-10-16 - 2022-10-15 | a year
*.usfinf.net | R3 | 2021-10-26 - 2022-01-24 | 3 months

This page contains 6 frames:

Primary Page: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Frame ID: EA21910D24BEC1498BFA7DA0FC242597
Requests: 43 HTTP requests in this frame

Frame: http://rulinecrea.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
Frame ID: FF8D55DCB5912637293553B080E94BD1
Requests: 2 HTTP requests in this frame

Frame: http://rulinecrea.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
Frame ID: 08B33724BF5D54BD09C2354F9F2717A1
Requests: 2 HTTP requests in this frame

Frame: http://usfinf.net/rtb/validate/e0cfc880fc8706ea5a00d94ce742f98d/?type=1&user_id=21795659&k=505756&c=1
Frame ID: 744A0BD59F39CBB2A279ED09EAC58DAE
Requests: 2 HTTP requests in this frame

Frame: http://babblecase.com/ad/display?ad_id=759011
Frame ID: F9ED3E75671FD819A89D709C7843B030
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: CBE33A38EA020DC96B6FBCA2FE2E2EE6
Requests: 1 HTTP requests in this frame

Page Title

H5or3

Page Statistics

51 Requests
43 % HTTPS
57 % IPv6
18 Domains
22 Subdomains
21 IPs
2 Countries
480 kB Transfer
1201 kB Size
17 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cutt.us/MZgIB Page URL
  2. http://fumacrom.com/2qdMM HTTP 301
    http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 43
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1916767105&utmhn=usfinf.net&utme=8(User)9(21795659)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=H5or3&utmhid=664297637&utmr=-&utmp=%2F-89918KZPC%2F2qdMM%3Frndad%3D3239775516-1636486454&utmht=1636486455862&utmac=UA-6469700-9&utmcc=__utma%3D185573165.1031377853.1636486456.1636486456.1636486456.1%3B%2B__utmz%3D185573165.1636486456.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=359940622&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1916767105&utmhn=usfinf.net&utme=8(User)9(21795659)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=H5or3&utmhid=664297637&utmr=-&utmp=%2F-89918KZPC%2F2qdMM%3Frndad%3D3239775516-1636486454&utmht=1636486455862&utmac=UA-6469700-9&utmcc=__utma%3D185573165.1031377853.1636486456.1636486456.1636486456.1%3B%2B__utmz%3D185573165.1636486456.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=359940622&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1031377853.1636486456&jid=359940622&_v=5.7.2&z=1916767105
Request Chain 48
  • http://usfinf.net/rtb/show/e0cfc880fc8706ea5a00d94ce742f98d/?k=505756&cs=vkNmTcMh3ZLWjYMT2BICiNw1i4dCWOQziYODiNIuyAMjTLc15kNzTLYl11O2SbIyshI2nQYgykIyjborwNLWCZJHmBZSmZYrilOGjbQgxwMCzTYN5RMFDSAL3hMCDII2sMIjmLd3nMZTyNIv6QMXiawLiJcWnZJXyVIGjbowwBLXCQJg3kMCSNI26gMHTIY7wQMjCNwuild2zVIgisODjMEuxAMTTMEgsQIlnTcgzMI3jdovxRNmjbApwdLFCKJg3ANjCLI168MSTYIswxMWCaw6i9dWzTUiioOjjIA0s5IWnZcn2FImjcolwNLXCdJi2wMiyIIv65MkSIw6iIcy3cRvh9dVGZUsxlXm2YZvv1Ym3IVszAZjWOQiiUOGjbApsJI2mbttlJeCVL9ihQIGjOo5iYMmTMA05cNTmZMjxRMTjOUk4BODDMchzVZTTYMl0ZODDMk3xgMz2YQm0BMDTOJ4kMZmDZYjzBZTjZEiwoZjmIU0iJfyQe== HTTP 302
  • http://babblecase.com/ad/display?ad_id=759011

51 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
MZgIB
cutt.us/
3 KB
2 KB
Document
General
Full URL
https://cutt.us/MZgIB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.61.26.121 , United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software
Hotcores.com /
Resource Hash
0e4f79ad5a23616e2335f51d4569acd07ec8c167f06b9f4b8fad76b94b387fb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Hotcores.com
Date
Tue, 09 Nov 2021 19:34:13 GMT
Content-Type
text/html; Charset=UTF-8;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-cache, must-revalidate, max-age=0
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
I-AM
Alpha
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Encoding
gzip
gpt.js
www.googletagservices.com/tag/js/
79 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cutt.us
URL: https://cutt.us/MZgIB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0f8cf857051b379423f8e63120c8d72cf8ceea629fca40b8da5273e1976f95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1039 / 38 of 1000 / last-modified: 1636459612"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27070
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 09 Nov 2021 19:34:13 GMT
js
www.googletagmanager.com/gtag/
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-31510493-1
Requested by
Host: cutt.us
URL: https://cutt.us/MZgIB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a0f143a1f26c1bfe87b3d690d81b0dfdc5424570d245cf1aebc1eadc0ce9755b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:34:13 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36394
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Nov 2021 19:34:13 GMT
pubads_impl_2021110401.js
securepubads.g.doubleclick.net/gpt/
346 KB
117 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
sffe /
Resource Hash
ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119010
x-xss-protection
0
last-modified
Thu, 04 Nov 2021 08:34:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 09 Nov 2021 19:34:13 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
26 B
678 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cutt.us
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
9976a6ecb3c55b071fd718a5849aa06de3cec11a5a80ff3f73ff564018d1443b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 19:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Tue, 09 Nov 2021 19:34:13 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1671
date
Tue, 09 Nov 2021 19:06:22 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 09 Nov 2021 21:06:22 GMT
collect
www.google-analytics.com/j/
1 B
200 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1788009914&t=pageview&_s=1&dl=https%3A%2F%2Fcutt.us%2FMZgIB&ul=en-us&de=UTF-8&dt=MZgIB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1393236083&gjid=1654958262&cid=904401304.1636486454&tid=UA-31510493-1&_gid=37707632.1636486454&_r=1&gtm=2oub80&z=1075473169
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cutt.us/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:34:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cutt.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cutt.us
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 19:34:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
0
943 B
Other
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1709867901393272&correlator=4055580969495199&output=wbn&wbsu=7cd70afc-4653-49cc-8256-92767c9c8f72&callback=googletag.wbn1&impl=fif&eid=31063136%2C31063206%2C31060545%2C31062324&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211109&iu_parts=5837603%2CCutt_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&cookie_enabled=1&bc=31&abxe=1&lmt=1636486454&dt=1636486454186&dlt=1636486453052&idt=1104&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1933368604&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcutt.us%2FMZgIB&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x63&msz=0x0&ga_vid=904401304.1636486454&ga_sid=1636486454&ga_hid=1788009914&ga_fc=true&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
443
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
application/webbundle
access-control-allow-origin
https://cutt.us
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
uuid:7cd70afc-4653-49cc-8256-92767c9c8f72
/
477 B
603 B
Script
General
Full URL
urn:uuid:7cd70afc-4653-49cc-8256-92767c9c8f72
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
URN
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7478a48a53e5248d4c399ac70978ca5d1a97d5ccb9f92a42431aee118f94a56e
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

X-Content-Type-Options
nosniff, nosniff
content-type
text/javascript; charset=utf-8
Primary Request 2qdMM
usfinf.net/-89918KZPC/
Redirect Chain
  • http://fumacrom.com/2qdMM
  • http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
18 KB
7 KB
Document
General
Full URL
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Requested by
Host: cutt.us
URL: https://cutt.us/MZgIB
Protocol
HTTP/1.1
Server
104.21.80.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / adfly
Resource Hash
f52197d98b608e7b5c4b9427f0afea6791039a8905cbf8a0c18ce5972ce53c83
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/MZgIB

Response headers

Date
Tue, 09 Nov 2021 19:34:14 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
x-powered-by
adfly
p3p
policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
expires
Sat, 26 Jul 1997 05:00:00 GMT
last-modified
Tue, 09 Nov 2021 19:34:14 GMT
x-frame-options
DENY
referrer-policy
no-referrer-when-downgrade
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma
no-cache
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3zppBie3ff3KKwvajE%2FSnR98FmxeEIhLJupV1RZGLgXFVPsRUoDh%2FvF%2FKmR2YIqEulQvTQaKDCWBdtxoXiZThQzT3vF8bJ1%2FVWGv6kfjLg7yjRKnmcSIGJ7%2FTYR"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6ab97a367b8767ab-DFW
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Tue, 09 Nov 2021 19:34:14 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-powered-by
adfly
location
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
x-turbo-charged-by
LiteSpeed
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Y3SbFb6LP7bhmb1ekTFgSY9zYSryCIHhcmcpgAgLSA5AqAnVhRFh7jFMVM5LC1H3%2FRAutzMWMk311Ovv26KmsSICg%2FFlWaAQCo5j5OjYCDumO5qeob8lAr1V%2FHPEH4%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6ab97a356bc76755-DFW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/
0
0

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/
92 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 23:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33333
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sat, 05 Nov 2022 23:50:36 GMT
adfly_7.css
cdn.usfinf.net/static/css/
3 KB
2 KB
Stylesheet
General
Full URL
http://cdn.usfinf.net/static/css/adfly_7.css
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a84956aa983e7d398b0f4346769e35792af58f217f5dcc535dcd7ab5996b999a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:34:15 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1741
Cf-Polished
origSize=3778
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 08 Mar 2021 18:42:47 GMT
Server
cloudflare
etag
W/"ec2-60467027-6a5aa4acec833b9;gz"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BEsQgnwLi7Ld32PEMW09x6IQnfdYPmBV7ll1b35%2B5lFILGvPtTWGL8QyO0%2FukRM%2FdCXuDHO75v58V3moiLYQ2ytDWKvE95qsLvzK9UGA8MgespMHq%2BszHiFWOvEDYItRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
expires
Tue, 16 Nov 2021 19:05:14 GMT
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
CF-RAY
6ab97a380bdb639e-ORD
Cf-Bgj
minify
amvn.js
cdn.usfinf.net/static/js/
245 KB
82 KB
Script
General
Full URL
http://cdn.usfinf.net/static/js/amvn.js
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1feb7809a6145eb5a06f98be7ea32a44f5770e24651a0219b7edfced19e5ff4d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:34:15 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1739
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
82665
last-modified
Tue, 09 Nov 2021 12:20:02 GMT
Server
cloudflare
etag
"3d3dd-618a6772-2d0a6cfcb0d9bebd;gz"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9vaD7DJ%2FITdK92KPISry4gfL66vI6uzmMstMBOQlRPhEJn72py6iE%2F0SLUS8cgDiJFttcpLfl6JbAAITYWy5ZYmo%2F7EARDdU1QQtbpi1d8AS2XFrssKrX61WQ3YJNQJpg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ab97a37bb446713-DFW
expires
Tue, 16 Nov 2021 19:05:16 GMT
/
d1a3jb5hjny5s4.cloudfront.net/
101 KB
35 KB
Script
General
Full URL
http://d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
HTTP/1.1
Server
2600:9000:2305:c00:12:c391:3100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
573790863ad94d405969449d4690b60498ae7bc2f8f0269b7eee365263aebe4e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 18:20:06 GMT
Content-Encoding
gzip
Connection
keep-alive
Age
4449
X-Cache
Hit from cloudfront
access-control-allow-origin
*
Cache-Control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
X-Amz-Cf-Pop
IAD89-P2
Content-Length
35635
Via
1.1 d3cd567650e598ded7d5dd9266aa396d.cloudfront.net (CloudFront)
X-Amz-Cf-Id
8_-chuz6wiZkin16ed-dS6ftVx2xBSi6hIQQ6MpZs1B2UqC-aBWO9A==
main.js
cdn.usfinf.net/static/js/
2 KB
2 KB
Script
General
Full URL
http://cdn.usfinf.net/static/js/main.js
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a65eca7c102c3a7ec3da4f688c7fe2e88f5a3d6382a13d224938a8e66c65fac

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:34:15 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1742
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
667
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"6f6-5faa60e6-67322d0de901b96d;gz"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y41KO60l2taT4rkfIKyrju7caYSBJhZm8opu%2FaOuz0j3FuhMYJGJ5TFN2ly1fWlPfQFtSTF9rumVQvS78YlH19XWLHULztCaHZCZV72iXyT9LIozFy%2FJrQIIjy5%2FTJiylQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ab97a37bfb80eda-DFW
expires
Tue, 16 Nov 2021 19:05:12 GMT
logo_fb2.png
cdn.usfinf.net/static/image/
6 KB
7 KB
Image
General
Full URL
http://cdn.usfinf.net/static/image/logo_fb2.png
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
042313bf805bd8d9a1c6b2a88c90e15407004fcc6e9c5d5974c87c85c20796f3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:34:15 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1740
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
6283
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"188b-5faa60e6-50f7a0a7015a0140;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tToUimxBxmYkDGexK1paIZwQK4dCrICnqq7UikGZrYOaMJK9kS5cdkBXE6uRzHmZnOQGe8O0Mq6e%2FnyaY%2Bnzh3aBAHuB%2BHp3pBaadlTtgnGxcvvUp4n5PLdFhAPmXXFolw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ab97a3968936713-DFW
expires
Tue, 16 Nov 2021 19:05:15 GMT
ad_top_bg2.png
cdn.usfinf.net/static/image/
156 B
1 KB
Image
General
Full URL
http://cdn.usfinf.net/static/image/ad_top_bg2.png?&ad_box_=1
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:34:15 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
156
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"9c-5faa60e6-403b27215d00ca1;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RICMUzoZ2fCs5VkqhI2WjufYKKukVCaLwLLHcZX0qZ0vfRyMC5Z3VEy1idy0dwG5rSFwNSUacILOKOpbLfe6MOGZX%2F6m3OUltRchu3STS0hagJk%2BeFzeVYFalvoFEtxJGw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
CF-RAY
6ab97a39d9d46713-DFW
expires
Tue, 16 Nov 2021 19:34:15 GMT
ahl6532.gif
cdn.usfinf.net/static/image/
3 KB
4 KB
Image
General
Full URL
http://cdn.usfinf.net/static/image/ahl6532.gif
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cad7fb56a878cd12d9456a8754cf13433ac6741338371f87776b4373411b15

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:34:15 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1738
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
3229
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"c9d-5faa60e6-bdf1ebb6d8b3a2e3;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0bKlJZUUl25i%2BMHjdMSkci%2Bt3SKK%2FH4sgLsUydRe4tW2jLXusshHrtUMoP8qiJ24ZDCimmQxN%2Ba7Z34s43HuTXO7kXayi1MWgohe0UyaX7Een0%2ByZn%2BRXPSCuqetac2DA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ab97a3a8b8d6713-DFW
expires
Tue, 16 Nov 2021 19:05:17 GMT
spinner.gif
cdn.usfinf.net/static/image/
35 KB
35 KB
Image
General
Full URL
http://cdn.usfinf.net/static/image/spinner.gif
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a607f27600e85addcfd1415ee611a370a30dce3f53ac200d3e0e25d2bdc5157

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:34:15 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1741
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
35453
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"8a7d-5faa60e6-abbbac75116acc85;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOUVhRHTks%2B0EPNBrxsGo3ra4GeX0v9qAyGoKWYs4QbRqk%2Fmda57WFoRblfoQOORV6M73leGcwdEJDz%2Bf%2BxqhaTkGo2JZ1bvAZKnj5YDjAjJEgTz71Y8fs4M%2FvvMYij47Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ab97a3ad924639e-ORD
expires
Tue, 16 Nov 2021 19:05:14 GMT
en_tran.png
cdn.usfinf.net/static/image/skip_ad/
5 KB
6 KB
Image
General
Full URL
http://cdn.usfinf.net/static/image/skip_ad/en_tran.png
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef8721967f0cca2539ee60f9cad0e8c1ef89f18a53964a4e6101033d23a4ba29

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:34:15 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1738
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
5076
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"13d4-5faa60e6-a653c25d6e1f8e24;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDm2HTHbxj68i7eImaVHFQuPZo44YnzdHrG%2BVIkFgSDIeBd%2FApLq36qLkFofXydBdnh6%2BIqRKDoBCx0c4USxS%2BAbhmqbIfuAg0gkZfJsduwaBL8LyzAIFyPVRFONQkWwgw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ab97a3bffc16713-DFW
expires
Tue, 16 Nov 2021 19:05:17 GMT
delete2.png
cdn.usfinf.net/static/image/
577 B
1 KB
Image
General
Full URL
http://cdn.usfinf.net/static/image/delete2.png
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fa2ba143aaedc6b6169e9b024d4f12df4acfc5995950dce175fd97644dd0c43

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:34:15 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1738
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
577
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"241-5faa60e6-9320ae10e0d19c6b;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBFiRI8wTRzMRk1qdt8de5CAw4%2Bu2uBx7Ys%2BArHQnnFCTorHDAC1Qb0pwuHOcqRifad1CsScvtnn67FbjbjTfgyWOVVtU41A%2FEwVvmEd4pAEdiJegvGXgDAVEhSHv0ekGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ab97a3c094d0eda-DFW
expires
Tue, 16 Nov 2021 19:05:17 GMT
view117_bidshow.js
cdn.usfinf.net/static/js/
11 KB
5 KB
Script
General
Full URL
http://cdn.usfinf.net/static/js/view117_bidshow.js
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b281ad15b8eae8656a12eb97b8fea4002f82f70a9031ae5bc9af3d0cc177a85b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:34:15 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1739
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
4020
last-modified
Sat, 25 Sep 2021 14:54:49 GMT
Server
cloudflare
etag
"2ad8-614f3839-fe99aae1576cce1d;gz"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klu3J5acgForG6P0mZ3fg5MOqN4XDwM3OOF6ruXRgQv0RXx9dGv27PwcWFhVr2ryTdUTVFtz5Yuo6yznnxd6i3UjEqc19dSV%2Fz6eES%2Bwyo%2BKTqtiQvltVyYXfWhd9VIQjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ab97a390f6e6713-DFW
expires
Tue, 16 Nov 2021 19:05:16 GMT
utx
rulinecrea.xyz/
0
412 B
XHR
General
Full URL
https://rulinecrea.xyz/utx?cb=NWjigdqCCARK&top=usfinf.net&tid=604364
Requested by
Host: cdn.usfinf.net
URL: http://cdn.usfinf.net/static/js/amvn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-108.ewr52.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:34:15 GMT
via
1.1 bf5abe06e7e8ddc3963a0afd0a961f75.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
EWR52-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://usfinf.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
lZ7wwRQD373kXeFKJcZsJ3Q0YtsOuCJISoIG6IpEbkZGsgVy1nHE5g==
utx
rulinecrea.xyz/
0
413 B
XHR
General
Full URL
https://rulinecrea.xyz/utx?cb=vMgYQVPVIL2g&top=usfinf.net&tid=709056
Requested by
Host: cdn.usfinf.net
URL: http://cdn.usfinf.net/static/js/amvn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-108.ewr52.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:34:15 GMT
via
1.1 bf5abe06e7e8ddc3963a0afd0a961f75.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
EWR52-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://usfinf.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
jycagLYYEjJBN8jOGXufSIvKENqD6KvpmfN6F6mWrCE_qJ3WszWQZA==
NVFKYUUabikSeFQHB1ALchcoACJWFx9QLV8TPSMXYAYfJwdzFGwVLFFsfFFxBmd+RzVcNXdQY0YlKxUwRmx7RyxbNyVcY0Nse092AX94UmsDdz4RJFJse0c1QSUmXHQDYnxVfQNlf1RxDWU
associalinterva.xyz/
0
538 B
Image
General
Full URL
https://associalinterva.xyz/NVFKYUUabikSeFQHB1ALchcoACJWFx9QLV8TPSMXYAYfJwdzFGwVLFFsfFFxBmd+RzVcNXdQY0YlKxUwRmx7RyxbNyVcY0Nse092AX94UmsDdz4RJFJse0c1QSUmXHQDYnxVfQNlf1RxDWU
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:454d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:34:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1xboXR1fmdRTybUGRobZS0bMLouFZexKR3%2BV46hWDX1aVNiRy%2Fp52Qc7nPOyIz7n%2FnYox4ZOgDFbh%2BnasxD6RGUKxgOYvVPxhPvx9L91ROZsk4%2BTkY8Jr74qnmalLrdh0DVWLjT5m220oPiJKaizj%2Bg"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
6ab97a3d48b66799-DFW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200d , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200d , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

popunder.gif
associalinterva.xyz/
35 B
930 B
Image
General
Full URL
http://associalinterva.xyz/popunder.gif
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
HTTP/1.1
Server
2606:4700:3033::6815:454d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:34:15 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
104791
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
58
pragma
public
Last-Modified
Mon, 08 Nov 2021 14:27:44 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zeyLFbNUx4Kug5PpdMyEyloVQ5DF16cl%2BDFWC7RUHc%2BTcyY17CxiTkqlNUtMLWQTEhw6E7ujYqJpLkXF84WnMwORVXQRHk%2F0YCR5AHOnGyfBurtERFIQCLCkG6%2BLzDKdQOZNi64CM6h%2Fgy29iRyLNVKr"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
Accept-Ranges
bytes
CF-RAY
6ab97a3caf260f2a-DFW
B39caD5DMAtzexUhGDomDmBafXwHaVp6fwZlVHc
associalinterva.xyz/bE5KM1FDcSlAbDkKAHocOj46cj8LCygBMi0rC1c7NR8cSxNeJWxHOAhzfQNoXHt8FSEFKncBaEo9PlIlGT13AncFICxcbEo4dwJ/XGB/
0
261 B
Image
General
Full URL
https://associalinterva.xyz/bE5KM1FDcSlAbDkKAHocOj46cj8LCygBMi0rC1c7NR8cSxNeJWxHOAhzfQNoXHt8FSEFKncBaEo9PlIlGT13AncFICxcbEo4dwJ/XGB/B39caD5DMAtzexUhGDomDmBafXwHaVp6fwZlVHc
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:454d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:34:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0c56FrwQq7XFvjofCjJW5s8oa2lK0d2wqfqWVvHzYUBVQtC9Vp7TPP6EHDb40H4qW0bMQQRvqxwMNpP0ocxrCgg23UB0wLeaIj53XEW%2FD%2FMmRaw8RByJqd2d2RcKSdKtXUBB8leXx69TGtf1wXozOTYG"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
6ab97a3d48b96799-DFW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
utx
roytheticc.xyz/
0
411 B
XHR
General
Full URL
https://roytheticc.xyz/utx?cb=WUTls6tGERfW&top=usfinf.net&tid=709056
Requested by
Host: d1a3jb5hjny5s4.cloudfront.net
URL: http://d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-58.ewr52.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:34:15 GMT
via
1.1 d58537e312a32f11086af17e2a952efc.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
EWR52-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://usfinf.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
OUHVXpzOwb_wCsOByzBCJBK3USQP66-ssnscwvV-apx6nkAt3pCxmw==
display.js
usfinf.net/js/
16 KB
7 KB
Script
General
Full URL
http://usfinf.net/js/display.js
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
HTTP/1.1
Server
104.21.80.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b67d948e653f56aa7bc25cd403afa4fe04bafa3d8f3399ab0b84d96f1292259

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:34:15 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1742
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
5775
last-modified
Thu, 29 Jul 2021 14:08:58 GMT
Server
cloudflare
etag
"3e81-6102b67a-1a029ed62bba2563;gz"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dnu6vV0jGXA4ZiqdjpyHD%2FYCLfUH%2FwCUaKu08E8XMbn4WFiqGjkYF%2F67dCYemj4cv8YBWb7ywzOcSRVrzyTyGNpSG1uSrfSiM%2FQPJFnEfcz1c%2FFTjj%2Bv40ahrBaG"}],"group":"cf-nel","max_age":604800}
Content-Type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ab97a3b095767ab-DFW
expires
Tue, 16 Nov 2021 19:05:12 GMT
/
freychang.fun/
16 B
332 B
Fetch
General
Full URL
https://freychang.fun/?f=7837a0161f0754c085dc3812f7d5d438
Requested by
Host: cdn.usfinf.net
URL: http://cdn.usfinf.net/static/js/amvn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fca2fc0f5c4d7a5406a19b1089244a40e1ef58083209d1df5d84086af8aed41

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:34:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
http://usfinf.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tVE961%2FtX70sySYM%2BG8PkwsGBLhzxWhHRHz3lRQdQl%2Bxe1h0p018A2uhhfgmxUYlivBbByY2I9kLQcFbN6O%2FJwmu4YFYRI207Fjolkl2OZm3fqMfwzuOJWS3sv6lmrJ4F1a0hIhgBm5Ezdc"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6ab97a3d28f00e62-DFW
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
freychang.fun/
16 B
727 B
Fetch
General
Full URL
https://freychang.fun/?f=7837a0161f0754c085dc3812f7d5d438
Requested by
Host: d1a3jb5hjny5s4.cloudfront.net
URL: http://d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5e346eb6fc208708a7503d68dd5cd0f566726e422cd1754bf69a54cb1a5be5a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:34:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
http://usfinf.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXBUxbAs11RXJpoETOYhZpcjcIhtiDX%2BPjVIIDa0kgXyJDI1yfzzJ%2BfXYrDduAtika6Y92mHzLkbs%2B%2BTdA396Ub9%2F3ZjEGbuxBKpTb1SehNZU6JjOXWVNhHUAgfoS6cfUw%2B11K7izPdznfVW"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6ab97a3d28f20e62-DFW
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
funcript1636486455659.php
usfinf.net/
0
593 B
Script
General
Full URL
https://usfinf.net/funcript1636486455659.php?pub=21795659&v=aySF8m1ZMhzNcFuIM0zUYjiLL4CMJj1NZ0C4IC6MMujUET3OOvTUUW2bNvTJkHsaIDnBYSiKOvjtI2sYIlmdNErIIljtpW0acsnBVClLLMC1JEwVYIXtQEiKOgjYQzyMLuCcJziMa1W85CkdRpWtxklYblWdVVuZdsCBIH6cIBnBNSrKa0XYBDfeYgnsUDyNd2H4RWvabXiBIysOIwm4hChMcx2AgCiVOOiBIy5cN3D9QG5ZNu2lU21VNozAJChMYuTUYz1LZhmxIG1bYpTpF3lbYN2JQi0ONiGQJnlbNlDdEWyYNyTVF2hcM1CJJy9e
Requested by
Host: usfinf.net
URL: http://usfinf.net/js/display.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.80.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:34:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.27
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5dWai%2Bo4eTmYK75MA3kpNq6GPMfviP0C9BHxADF9K9QerA8iek%2BiXSBRcFwisP5xrvlHacsPrGGFEAVlkCOqfDvhbSe2gO6CySqbpK0Vq26NpHv6NwpkzG2FkXp"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
x-turbo-charged-by
LiteSpeed
cf-ray
6ab97a3ccd030c2f-DFW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
H2
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6439
date
Tue, 09 Nov 2021 17:46:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 09 Nov 2021 19:46:56 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
d_top_bg.png
cdn.usfinf.net/static/image/
156 B
1 KB
Image
General
Full URL
http://cdn.usfinf.net/static/image/d_top_bg.png
Requested by
Host: cdn.usfinf.net
URL: http://cdn.usfinf.net/static/css/adfly_7.css
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://cdn.usfinf.net/static/css/adfly_7.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:34:15 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1742
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
156
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"9c-5faa60e6-6bfb178d8ae4aca5;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTjxahcA9jgUqOOCxKx5jOChHzRLflBTLlfKNU%2FW9Ai8bLUE%2BbolVVkQLUJOOHB71EOJqMMyBMPb5VwNHQx0inW0%2B74N3G05iEdtNk7aqmdCBxficNNxcZugP5BBkH6CDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ab97a3c3b94639e-ORD
expires
Tue, 16 Nov 2021 19:05:13 GMT
d_bottom_bg2.png
cdn.usfinf.net/static/image/
3 KB
4 KB
Image
General
Full URL
http://cdn.usfinf.net/static/image/d_bottom_bg2.png
Requested by
Host: cdn.usfinf.net
URL: http://cdn.usfinf.net/static/css/adfly_7.css
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27ab7efdb31ee6b311557cb2296d9bdb4c5038a230bcb4f9bc1a2409bb73863a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://cdn.usfinf.net/static/css/adfly_7.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:34:15 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1741
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
2829
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"b0d-5faa60e6-47ec8d363413ae2c;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ra5Y%2BuOdp%2FImT3fxh8Dl8d%2FMXMAPItFUyQW5M4bLbF96bMmf5yTQuyXrjke8r60n4aBKx55TxbIlPUFEbEy8r0IiNtKqoNoS5NmNHobtiNrZMTmQOcF52fwCMpAyhFRKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ab97a3c68eb6713-DFW
expires
Tue, 16 Nov 2021 19:05:14 GMT
2market_bidshow.php
usfinf.net/
127 B
1 KB
XHR
General
Full URL
http://usfinf.net/2market_bidshow.php?user_id=21795659&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fwww7.freddyoctavio.pro%2Fpushredirect%2F%3Fnetwork%3D6%26site%3Dadfly%26ppi%3D21795659%26pci%3D6980219625%26t%3D1636486454%26dest%3Dhttps%253A%252F%252Fcutt.us%252FH5or3&url_id=6980219625&t=8bc19db028e504f59b1120a1ff9c72c2&w=629a40cac80f138e3bc5503656426df7
Requested by
Host: cdn.usfinf.net
URL: http://cdn.usfinf.net/static/js/view117_bidshow.js
Protocol
HTTP/1.1
Server
104.21.80.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
51c9069c9d2946f822459df6ab632d458f4e1c4d40f0feed66a4308ad4ae55a6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:34:15 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.27
Transfer-Encoding
chunked
p3p
policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
Server
cloudflare
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2404Zdf1G08DfWG9XnWyqN7b0KvCsIgyPE%2BpVnYk7Ma0VMdp%2FpJtPzEnLb2XZonpBnZ13LtAh8QCJ0h55uc2IqdTItLe7dZiwFOhlXPrBMcTYaWiOhqNNqeDAPk"}],"group":"cf-nel","max_age":604800}
Content-Type
application/json
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-turbo-charged-by
LiteSpeed
CF-RAY
6ab97a3c3d0067ab-DFW
cwMiByMOJwY8LhIDVg
rulinecrea.xyz/Z050RVIGLBcobQZzFmMnFSJJYGAha0YDNhIoFSxmBX8VNWFUNFomPgg7ECMgCCAAazwCOlF3FCUaRC0fNAohNhgeBwEGOBQmPw0HIyhHPXdVCBIiFBcHHn08MDRNdBBUex8GNSIsNXUTEgEcHDQ9BkEwHSMEJiY8Dz8+AwMPAkcDJzINMTcxPy... Frame FF8D
3 KB
2 KB
Document
General
Full URL
http://rulinecrea.xyz/Z050RVIGLBcobQZzFmMnFSJJYGAha0YDNhIoFSxmBX8VNWFUNFomPgg7ECMgCCAAazwCOlF3FCUaRC0fNAohNhgeBwEGOBQmPw0HIyhHPXdVCBIiFBcHHn08MDRNdBBUex8GNSIsNXUTEgEcHDQ9BkEwHSMEJiY8Dz8+AwMPAkcDJzINMTcxPyUgCTsQOxAUFBceMDI8PyA9Nx4zDCcLKAwkOHQlCyweLiIkDT0rHA4ILgwrCz4RKxxRFBo9JiV9TSIdHggWDisEeTs9EF4rNwxqIgZFcTQ/KRYjYFZrRgMRDwxNIBYUJiN2Pl8vLDFhBiAEfR8mAEMcBUoiQgcBU3okBgA2ATd1Jy5/A3IwP3o7BBofa0YDCwk9MCQ8F3YtA2YJHjcAOSIGRAkzPyEyDCsiIDgXEF4rNzYmMSclKwgwfjwjKxQlOyk9DgIjKWQEfS58CwkpFiBhUmtGAzElOkIjFQt4NhElFwUdKRotI0VgYCUKEwdqAXw+chNVJU0mA0EkByo8F3M/cwMiByMOJwY8LhIDVg
Requested by
Host: cdn.usfinf.net
URL: http://cdn.usfinf.net/static/js/amvn.js
Protocol
HTTP/1.1
Server
13.33.46.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-108.ewr52.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
905b6707b61c2d52b15f222d72c35e58e09ad218936bb0afaf63b9bee02ebd40

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454

Response headers

Content-Type
text/html
Content-Length
1239
Connection
keep-alive
Date
Tue, 09 Nov 2021 19:34:15 GMT
Server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
X-Cache
Miss from cloudfront
Via
1.1 3b1807627d3f1dc0cdeb157fc313627b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR52-C1
X-Amz-Cf-Id
xMx9RpqBLEDuIitFNM2c7O5SnaimTWb7gmmFV9_8s2PTgTzY1IP06w==
ETYuc1czIzZ6ZCcPJVwDZQIJemUSDwRVVDg0K1JKJERVcmQsUFZ2dj8iP11oEyhXbXkVMCEBZBY7V3VfIzYlZRQ+EghaQmkAN3hABhNTflFnLw
rulinecrea.xyz/VGFnNDI1AwRZDTVcBRJHJg1aEQASRFVyViEHBl0GNlAGRAFnG0lXXjsUA1JAOw8TGlwxFUIGdCYzHWZ5DRsAX2UtMCF2SBoFK1gGBAUQBQQCBlJcaj4KKmJYNyssTnxkLzBtBgJSLl9wIzMhYHZlMAMFfzEqVmFZFiAxXGcHMCZ2ag0yLENWNQ... Frame 08B3
3 KB
2 KB
Document
General
Full URL
http://rulinecrea.xyz/…
Requested by
Host: cdn.usfinf.net
URL: http://cdn.usfinf.net/static/js/amvn.js
Protocol
HTTP/1.1
Server
13.33.46.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-108.ewr52.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
96c480753a7d7709a405ecc8f065d182f201f87a31956f427a82dc1f30a262b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454

Response headers

Content-Type
text/html
Content-Length
1230
Connection
keep-alive
Date
Tue, 09 Nov 2021 19:34:15 GMT
Server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
X-Cache
Miss from cloudfront
Via
1.1 e6d15137ec23376f4c8a22e6edb289bd.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR52-C1
X-Amz-Cf-Id
npMHOyCdwLwhUMleUX6YGWiVRA-5Zpx3YWjp896UQBKRt8qmK1LT0g==
/
usfinf.net/rtb/validate/e0cfc880fc8706ea5a00d94ce742f98d/ Frame 744A
28 KB
9 KB
Document
General
Full URL
http://usfinf.net/rtb/validate/e0cfc880fc8706ea5a00d94ce742f98d/?type=1&user_id=21795659&k=505756&c=1
Requested by
Host: cdn.usfinf.net
URL: http://cdn.usfinf.net/static/js/view117_bidshow.js
Protocol
HTTP/1.1
Server
104.21.80.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
cbd7436e3ce9694c58983f99416d3d65d0965e61a3c43880dedce532835fbbdb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Date
Tue, 09 Nov 2021 19:34:15 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
x-powered-by
PHP/7.3.27
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30MpdiwSX6N1zD5FfTgSrawugFPmD2A5TX1WkiFkIfTyn96acyntCgEczT69AOymicGGa%2BpK43P4NTKsDyWLMA0GQ9Io275sAAemou8N4343FAI5yyxRSOesSChn"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6ab97a3cff1b67ab-DFW
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1916767105&utmhn=usfinf.net&utme=8(User)9(21795659)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1916767105&utmhn=usfinf.net&utme=8(User)9(21795659)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1031377853.1636486456&jid=359940622&_v=5.7.2&z=1916767105
35 B
430 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1031377853.1636486456&jid=359940622&_v=5.7.2&z=1916767105
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
Protocol
H2
Server
2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 09 Nov 2021 19:34:16 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:34:15 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1031377853.1636486456&jid=359940622&_v=5.7.2&z=1916767105
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
369
expires
Fri, 01 Jan 1990 00:00:00 GMT
multi
rulinecrea.xyz/
3 KB
2 KB
XHR
General
Full URL
https://rulinecrea.xyz/multi?cs=d2VmczFOVVZGBEBXVkUIRlJfRQI&abt=0&red=1&sm=76&k=h5or3%20shrink%20your%20urls%20paid&v=1.0.54.0&sts=0&prn=0&emb=0&tid=709056&fs=1&ref=http%3A%2F%2Fusfinf.net%2F-89918KZPC%2F2qdMM%3Frndad%3D3239775516-1636486454&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F95.0.4638.54%20safari%2F537.36&tzd=0&uloc=&if=0&_lnOr=1636486455885&crc=1
Requested by
Host: cdn.usfinf.net
URL: http://cdn.usfinf.net/static/js/amvn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-108.ewr52.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
65c6075d5cf3e17fcb86254d0a5d0189d5fd33d48d022fa2d4d20782ca366c29

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:34:15 GMT
content-encoding
gzip
server
openresty/1.17.8.2
x-amz-cf-pop
EWR52-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://usfinf.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
text/plain
content-length
1379
via
1.1 bf5abe06e7e8ddc3963a0afd0a961f75.cloudfront.net (CloudFront)
x-amz-cf-id
hoSgopgdAmjbpR2GXQ-V98_tZZne7CaF0sPs9e6blwGDAHdxUTcL6g==
encoding.js
usfinf.net/static/js/ Frame 744A
9 KB
4 KB
Script
General
Full URL
http://usfinf.net/static/js/encoding.js
Requested by
Host: usfinf.net
URL: http://usfinf.net/rtb/validate/e0cfc880fc8706ea5a00d94ce742f98d/?type=1&user_id=21795659&k=505756&c=1
Protocol
HTTP/1.1
Server
104.21.80.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a713376b08fd74e7edb469234b525ba596d7c5317793ffd8a9a5eb83d05832bf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/rtb/validate/e0cfc880fc8706ea5a00d94ce742f98d/?type=1&user_id=21795659&k=505756&c=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:34:15 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1741
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
2869
last-modified
Wed, 21 Jul 2021 19:37:10 GMT
Server
cloudflare
etag
"240a-60f87766-1ba2410bd1492e63;gz"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9M9bSk1DkFeNV6GPRkyS2yon8zo%2FUad121%2BpLZkHZxyTvQEXicKBwpv37mcse%2FwiS7F3jGm0Q3EldYPKtR7zNLQdPmTuiSDzz1hJ8VrWMZMCjzXFTiAXQEzsd%2Bp"}],"group":"cf-nel","max_age":604800}
Content-Type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ab97a3da95767ab-DFW
expires
Tue, 16 Nov 2021 19:05:14 GMT
Vx11BDkCXiZGI0YKAQF5VBZ0AmwWBQ
dufai4b1ap33z.cloudfront.net/rRzRKYzgkWyQFBzNdLl4Pdw16Vg5hXjkMVjcJKzN0NWY4V3IkBwRFTD1Qd1MeK1UkBAVhUSQABXYSKwdaegBsF0goX3cAWT9TMhJXIF0gRU0mCScMQi5YJgIddXJ/TQhiBnpLTy5aLgxPNBF4U1YzEXhTCXcaekYLBRF4U08... Frame 08B3
579 B
831 B
Script
General
Full URL
http://dufai4b1ap33z.cloudfront.net/rRzRKYzgkWyQFBzNdLl4Pdw16Vg5hXjkMVjcJKzN0NWY4V3IkBwRFTD1Qd1MeK1UkBAVhUSQABXYSKwdaegBsF0goX3cAWT9TMhJXIF0gRU0mCScMQi5YJgIddXJ/TQhiBnpLTy5aLgxPNBF4U1YzEXhTCXcaekYLBRF4U08uWnxXHXR2b1EIPwJ+Sh11BC-sTSCtRPQZaLF0+RgoBAXlUFnQCb1EIb18iF1UrEXggHXUEJgpTIhF4U18iVyEMEWIGegBQNVsnBh11cnNWFncaflULfxp/Vx11BDkCXiZGI0YKAQF5VBZ0AmwWBQ
Requested by
Host: rulinecrea.xyz
URL: http://rulinecrea.xyz/…
Protocol
HTTP/1.1
Server
2600:9000:2269:ac00:1f:315e:7fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
41ecdf7d42681066a73f4a7c212f0fd1213db261367c5b61c062ae9d79db3cb1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://rulinecrea.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:34:16 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
IAD89-P1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
Cache-Control
max-age=31556926
Connection
keep-alive
Content-Length
444
Via
1.1 9349b115ae66d16aae68deb9bb5eebc2.cloudfront.net (CloudFront)
X-Amz-Cf-Id
CgCslpmDZwUsfBHgTjvHyifgqSdIxYlvxOSBoZdl45Q_SwiP3ZsXHw==
cBt6fGl6BTwpKilHJm1+DgB8f2J7A2k9cQ
dufai4b1ap33z.cloudfront.net/BT0hMSDUsJyIuCjshKHUDf3x/fgFpIj8nWz91B35kCgEbA0AuOhYfZH5uODJRcnhqJFQhL3FuUCErcXkTLiwudQFpPDwnXnIrLTBSNzkjL1wlbjkpCCInNiFZIylpenN6ZnxtB39gOyFbKyc7OxB9eCI8EH14fXgbf21/ChB... Frame FF8D
710 B
908 B
Script
General
Full URL
http://dufai4b1ap33z.cloudfront.net/BT0hMSDUsJyIuCjshKHUDf3x/fgFpIj8nWz91B35kCgEbA0AuOhYfZH5uODJRcnhqJFQhL3FuUCErcXkTLiwudQFpPDwnXnIrLTBSNzkjL1wlbjkpCCInNiFZIylpenN6ZnxtB39gOyFbKyc7OxB9eCI8EH14fXgbf21/ChB9eDshW3l8aXt3anp8MAN7YW-l6BS44PCRQOC0uI1w7bX4OAHx/YnsDanp8YF4nPCEkEH0LaXoFIyEnLRB9eCstViQnZW0HfyskOloiLWl6c3Z9Yngbe35/cBt6fGl6BTwpKilHJm1+DgB8f2J7A2k9cQ
Requested by
Host: rulinecrea.xyz
URL: http://rulinecrea.xyz/…
Protocol
HTTP/1.1
Server
2600:9000:2269:ac00:1f:315e:7fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5e02169f46f4ac321c7c24d8ee05ac0f5f24424869ba5d7466fc28ac64ecec8f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://rulinecrea.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:34:16 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
IAD89-P1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
Cache-Control
max-age=31556926
Connection
keep-alive
Content-Length
521
Via
1.1 2a6e657acb4fd3f6aee2e3da45e44642.cloudfront.net (CloudFront)
X-Amz-Cf-Id
EmvSJKRsX5kgOb55oZTqcbVXXEUCg4yQGK9-Lfa7rDJdM8KVa6C6mg==
display
babblecase.com/ad/ Frame F9ED
Redirect Chain
  • http://usfinf.net/rtb/show/e0cfc880fc8706ea5a00d94ce742f98d/?k=505756&cs=vkNmTcMh3ZLWjYMT2BICiNw1i4dCWOQziYODiNIuyAMjTLc15kNzTLYl11O2SbIyshI2nQYgykIyjborwNLWCZJHmBZSmZYrilOGjbQgxwMCzTYN5RMFDSAL3hMC...
  • http://babblecase.com/ad/display?ad_id=759011
404 B
1 KB
Document
General
Full URL
http://babblecase.com/ad/display?ad_id=759011
Requested by
Host: usfinf.net
URL: http://usfinf.net/rtb/validate/e0cfc880fc8706ea5a00d94ce742f98d/?type=1&user_id=21795659&k=505756&c=1
Protocol
HTTP/1.1
Server
172.67.158.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / adfly
Resource Hash
ac478ca8e720d24efecc2585c8bdb07577d8475c33f73b9af40900d0350bb0cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
about:blank

Response headers

Date
Tue, 09 Nov 2021 19:34:16 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-powered-by
adfly
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7Kgh7CPGtA%2FZCaLtjnlYnCXKD54sfazBiFdT8mJ1sTbsdDRRr%2BI%2BuXbPZ3yMI%2FnPVAFDu1jusdgiEapTTnNuy6PBdODwp6ZY%2FRdw0CtuDXdKhDXOvaGxETooW5hPMUpZw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6ab97a4018000f42-DFW
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Tue, 09 Nov 2021 19:34:16 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
x-powered-by
PHP/7.3.27
location
http://babblecase.com/ad/display?ad_id=759011
cache-control
no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O47X5SoRZrawBUwJuehlODEYHthT6jFQzgC7KOqqJKVTypDNrm7i311N4Gy2j6ZXggEjnCBgV2Hoe0ZttooQJnqD5NpIYVfPWmv6Uwr1NUrIVVxts3GJ47TpwXpi"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6ab97a3f2da867ab-DFW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
truncated
/ Frame CBE3
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918KZPC/2qdMM?rndad=3239775516-1636486454
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
6S6F_720.90.jpg
s3.amazonaws.com/public.digitalaltitude.co/zanners/ Frame F9ED
0
0
Image
General
Full URL
http://s3.amazonaws.com/public.digitalaltitude.co/zanners/6S6F_720.90.jpg
Requested by
Host: babblecase.com
URL: http://babblecase.com/ad/display?ad_id=759011
Protocol
HTTP/1.1
Server
52.217.168.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://babblecase.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110401&st=env

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler boolean| frame_check object| antiClickjack function| $ function| jQuery number| LAST_CORRECT_EVENT_TIME number| _2005463505 number| _2328677372 function| fa string| tkn string| log_token string| user_id string| url_id string| ysmm string| ref_url string| waitmsg string| skip_button number| intpop string| adfly_id number| pat string| bindElement function| o6xx function| A6VV string| jmbdd boolean| adfly_google_compliant object| _gaq function| goal object| adReporter function| removeCookieNotice function| getCookie function| z000 function| MD5 function| decryptUrl number| countdown boolean| counter_started boolean| loaded boolean| opera number| t boolean| abd number| fail_timer number| fail_count function| handleAdbClick function| onMessage function| md5_hh object| abC function| getFlyMessage function| bit_rol string| dn string| key_a function| md5_ii object| xhr function| V function| md5_gg function| M function| md5_ff function| md5_cmn function| safe_add function| cookieCheck function| Y function| X function| base64_decode_view function| k9WW function| checkstart function| stCntr function| cnt object| _gat object| gaGlobal number| iinf

17 Cookies

Domain/Path Name / Value
.cutt.us/ Name: _ga
Value: GA1.2.904401304.1636486454
.cutt.us/ Name: _gid
Value: GA1.2.37707632.1636486454
.cutt.us/ Name: _gat_gtag_UA_31510493_1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.cutt.us/ Name: __gads
Value: ID=ec3a87dd16fa3381-22763ebe527b00cb:T=1636486454:S=ALNI_Mb8NBl-Z-Z7xkjyJOXd5N5XImpMvw
fumacrom.com/ Name: FLYSESSID
Value: gj0rocsjqh9g9j7ppsdf5clfet
usfinf.net/ Name: FLYSESSID
Value: 58duve1a41s2man2ojtfo4lcdm
.usfinf.net/ Name: yp1
Value: 4df6f43f3b1cae6ee43fe9e77747312a
.usfinf.net/ Name: yp2
Value: 39b0c6ebcea15ad0a0cab1856df29e69
.usfinf.net/ Name: yp3
Value: 3239775516
usfinf.net/ Name: market_759011
Value: 2624505
usfinf.net/ Name: adfly_ad_report
Value: 759011_2624505
.usfinf.net/ Name: __utma
Value: 185573165.1031377853.1636486456.1636486456.1636486456.1
.usfinf.net/ Name: __utmc
Value: 185573165
.usfinf.net/ Name: __utmz
Value: 185573165.1636486456.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.usfinf.net/ Name: __utmt
Value: 1
.usfinf.net/ Name: __utmb
Value: 185573165.1.10.1636486456

1 Console Messages

Source Level URL
Text
network error URL: http://s3.amazonaws.com/public.digitalaltitude.co/zanners/6S6F_720.90.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
