Submitted URL: https://cutt.us/MZgIB
Effective URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Submission: On November 10 via manual from SA — Scanned from US

Summary

This website contacted 22 IPs in 2 countries across 17 domains to perform 52 HTTP transactions. The main IP is 104.21.80.202, located in and belongs to CLOUDFLARENET, US. The main domain is usfinf.net.
This is the only time usfinf.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 69.61.26.122 22653 (GLOBALCOM...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 142.250.80.8 15169 (GOOGLE)
3 142.251.40.226 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 172.67.128.165 13335 (CLOUDFLAR...)
1 7 104.21.80.202 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
12 172.67.153.199 13335 (CLOUDFLAR...)
1 2600:9000:21e... 16509 (AMAZON-02)
6 18.67.76.100 16509 (AMAZON-02)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:402... 15169 (GOOGLE)
2 2600:9000:202... 16509 (AMAZON-02)
1 104.21.9.25 13335 (CLOUDFLAR...)
1 2a04:4e42:400... 54113 (FASTLY)
52 22
Domain Requested by
12 cdn.usfinf.net usfinf.net, cdn.usfinf.net
7 usfinf.net (1 redirects) cutt.us, usfinf.net, cdn.usfinf.net
6 ouncedbi.xyz cdn.usfinf.net, d1a3jb5hjny5s4.cloudfront.net
4 www.google-analytics.com (1 redirects) www.googletagmanager.com, www.google-analytics.com, usfinf.net
3 jerunamendary.xyz usfinf.net
3 securepubads.g.doubleclick.net www.googletagservices.com, securepubads.g.doubleclick.net
2 dufai4b1ap33z.cloudfront.net ouncedbi.xyz
2 freychang.fun cdn.usfinf.net, d1a3jb5hjny5s4.cloudfront.net
2 accounts.google.com usfinf.net
1 res.cloudinary.com babblecase.com
1 babblecase.com usfinf.net
1 stats.g.doubleclick.net usfinf.net
1 www.facebook.com usfinf.net
1 d1a3jb5hjny5s4.cloudfront.net usfinf.net
1 ajax.googleapis.com usfinf.net
1 pagead2.googlesyndication.com securepubads.g.doubleclick.net
1 fumacrom.com (1 redirects)
1 4d7804020e49d9bae9588c63d575ab00.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 www.googletagmanager.com cutt.us
1 www.googletagservices.com cutt.us
1 cutt.us
0 tpc.googlesyndication.com (Failed) securepubads.g.doubleclick.net
52 23

This site contains links to these domains.

Domain
support.adf.ly
adf.ly

Subject | Issuer | Validity | Valid
www.cutt.us | R3 | 2021-10-09 - 2022-01-07 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
*.google.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
upload.video.google.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
ouncedbi.xyz | Amazon | 2021-10-19 - 2022-11-17 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-11-07 - 2022-11-06 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-08-20 - 2021-11-18 | 3 months
accounts.google.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
*.usfinf.net | R3 | 2021-10-26 - 2022-01-24 | 3 months
*.cloudinary.com | Go Daddy Secure Certificate Authority - G2 | 2020-05-27 - 2022-06-22 | 2 years

This page contains 7 frames:

Primary Page: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Frame ID: A9E804FDE1518BB7DA572AA26979190F
Requests: 43 HTTP requests in this frame

Frame: https://4d7804020e49d9bae9588c63d575ab00.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CC809A8913A6B9B5B62CE78BC06FD907
Requests: 1 HTTP requests in this frame

Frame: http://ouncedbi.…
Frame ID: B4C382E4701F6C6D1D319734D46BE8D2
Requests: 2 HTTP requests in this frame

Frame: http://ouncedbi.…
Frame ID: DAF902DD178957A838D008F63DEEF34E
Requests: 2 HTTP requests in this frame

Frame: http://usfinf.net/rtb/validate/7846d115e89b46d0496dce301c81c8cb/?type=1&user_id=21795659&k=610358&c=1
Frame ID: DD3E96DE453BFF56E41C6E81620CFE07
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 89E39A97705AFC393C8E16FE655FBA33
Requests: 1 HTTP requests in this frame

Frame: http://babblecase.com/ad/display?ad_id=1102017
Frame ID: 8EA7EA136D041B5B27D4F8F2B62EB198
Requests: 2 HTTP requests in this frame

Page Title

H5or3

Page Statistics

Requests: 52
HTTPS: 48 %
IPv6: 64 %
Domains: 17
Subdomains: 23
IPs: 22
Countries: 2
Transfer: 524 kB
Size: 1249 kB
Cookies: 17

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cutt.us/MZgIB Page URL
  2. http://fumacrom.com/2qdMM HTTP 301
    http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 45
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1732458759&utmhn=usfinf.net&utme=8(User)9(21795659)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=H5or3&utmhid=990421685&utmr=-&utmp=%2F-89918AZIR%2F2qdMM%3Frndad%3D3257167644-1636566664&utmht=1636566665390&utmac=UA-6469700-9&utmcc=__utma%3D185573165.1645813376.1636566665.1636566665.1636566665.1%3B%2B__utmz%3D185573165.1636566665.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1481074715&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1732458759&utmhn=usfinf.net&utme=8(User)9(21795659)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=H5or3&utmhid=990421685&utmr=-&utmp=%2F-89918AZIR%2F2qdMM%3Frndad%3D3257167644-1636566664&utmht=1636566665390&utmac=UA-6469700-9&utmcc=__utma%3D185573165.1645813376.1636566665.1636566665.1636566665.1%3B%2B__utmz%3D185573165.1636566665.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1481074715&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1645813376.1636566665&jid=1481074715&_v=5.7.2&z=1732458759
Request Chain 50
  • http://usfinf.net/rtb/show/7846d115e89b46d0496dce301c81c8cb/?k=610358&cs=… HTTP 302
  • http://babblecase.com/ad/display?ad_id=1102017

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
MZgIB
cutt.us/
3 KB
2 KB
Document
General
Full URL
https://cutt.us/MZgIB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.61.26.122 , United States, ASN22653 (GLOBALCOMPASS, US),
Reverse DNS
Software
Hotcores.com /
Resource Hash
0e4f79ad5a23616e2335f51d4569acd07ec8c167f06b9f4b8fad76b94b387fb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Hotcores.com
Date
Wed, 10 Nov 2021 17:51:04 GMT
Content-Type
text/html; Charset=UTF-8;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-cache, must-revalidate, max-age=0
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
I-AM
Beta
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Encoding
gzip
gpt.js
www.googletagservices.com/tag/js/
79 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cutt.us
URL: https://cutt.us/MZgIB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be0e2481b9bc9814a6aaae787d8ebaf01ec26f9716f7ea226a3f745c8276639a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 17:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1039 / 291 of 1000 / last-modified: 1636545917"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27009
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 10 Nov 2021 17:51:04 GMT
js
www.googletagmanager.com/gtag/
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-31510493-1
Requested by
Host: cutt.us
URL: https://cutt.us/MZgIB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1e4472cf4137a3e13117ce11f31bf03f7811bbebc6aa340de3ac6ee18d464a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 17:51:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36399
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Nov 2021 17:51:04 GMT
pubads_impl_2021110801.js
securepubads.g.doubleclick.net/gpt/
344 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js?31063684
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
sffe /
Resource Hash
447ffe4040fc9d0761f896e3ef3b37e2220744f4d3e3760ffe1f216f3d0e4e54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 17:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118396
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 09:34:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 10 Nov 2021 17:51:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
26 B
678 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cutt.us
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
9976a6ecb3c55b071fd718a5849aa06de3cec11a5a80ff3f73ff564018d1443b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 17:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Wed, 10 Nov 2021 17:51:04 GMT
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cutt.us
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js?31063684
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 17:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
437 B
729 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4191509915547480&correlator=3095411705255385&output=ldjh&impl=fif&eid=31063136%2C31063684%2C44754276%2C31063183&vrg=2021110801&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=5837603%2CCutt_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&cookie_enabled=1&bc=31&abxe=1&lmt=1636566664&dt=1636566664538&dlt=1636566664075&idt=439&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1933368604&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcutt.us%2FMZgIB&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x63&msz=0x0&ga_vid=873942843.1636566665&ga_sid=1636566665&ga_hid=430908707&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js?31063684
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
ca1eaf84ac267f2aade9da574267875fc074a95f8ce7c9f9dc8554c40389f985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 17:51:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
226
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cutt.us
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4d7804020e49d9bae9588c63d575ab00.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CC80
6 KB
4 KB
Document
General
Full URL
https://4d7804020e49d9bae9588c63d575ab00.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js?31063684
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 10 Nov 2021 17:51:04 GMT
expires
Thu, 10 Nov 2022 17:51:04 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Primary Request 2qdMM
usfinf.net/-89918AZIR/
Redirect Chain
  • http://fumacrom.com/2qdMM
  • http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
18 KB
7 KB
Document
General
Full URL
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Requested by
Host: cutt.us
URL: https://cutt.us/MZgIB
Protocol
HTTP/1.1
Server
104.21.80.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / adfly
Resource Hash
38dcd84e21478764e18126e35bbf0303a44b017287a25fe6f315de8d6ad481bd
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/MZgIB

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
x-powered-by
adfly
p3p
policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
expires
Sat, 26 Jul 1997 05:00:00 GMT
last-modified
Wed, 10 Nov 2021 17:51:05 GMT
x-frame-options
DENY
referrer-policy
no-referrer-when-downgrade
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma
no-cache
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4HXu6YVkhBGEa0fOTdC7wRNxp97rYnw7pZIxMEjxqODXUDxAbSngryoxiR3Ydbfop%2Bgfyh%2Fy1mFe0TbscnP%2BsY6hGHyx9HfKQiNtEbWgr32MuBmMbvvqAi9skx8"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6ac12077fb031967-EWR
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Wed, 10 Nov 2021 17:51:04 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-powered-by
adfly
location
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
x-turbo-charged-by
LiteSpeed
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZLXpO4NUoaLlHp1t3TQ7FsP7v6w57%2BJbTeDrI79%2B1yNh%2BED2AUvMd5dJ4zb6Xe2B3YB0tej8CXqHQEkVqTnaUCK0tLzvA2lfw2wODJCg2R87wn5ANUTwqTpUjlj%2FM8%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6ac120772927333c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js?31063684
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 17:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7125
date
Wed, 10 Nov 2021 15:52:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 10 Nov 2021 17:52:19 GMT
collect
www.google-analytics.com/j/
1 B
200 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=430908707&t=pageview&_s=1&dl=https%3A%2F%2Fcutt.us%2FMZgIB&ul=en-us&de=UTF-8&dt=MZgIB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1573202029&gjid=148423628&cid=873942843.1636566665&tid=UA-31510493-1&_gid=850120800.1636566665&_r=1&gtm=2oub80&z=1286094625
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cutt.us/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 17:51:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cutt.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
0
0

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/
92 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 23:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
410429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33333
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sat, 05 Nov 2022 23:50:36 GMT
adfly_7.css
cdn.usfinf.net/static/css/
3 KB
2 KB
Stylesheet
General
Full URL
http://cdn.usfinf.net/static/css/adfly_7.css
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a84956aa983e7d398b0f4346769e35792af58f217f5dcc535dcd7ab5996b999a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2762
Cf-Polished
origSize=3778
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 08 Mar 2021 18:42:47 GMT
Server
cloudflare
etag
W/"ec2-60467027-b79b494dafd99b83;gz"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtbwCoAFkZRCOHzkKu6fFw5xQZNXi%2BqDUcoYs7PFZGTc3VKh4TX4I%2BCc7TiGBO6xRz5QGlEnOO4sIyqs5U30oOhDLLhxFTgSHATXpf7c1owp7tetp%2FgIrF4s5qYyfpncMw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
expires
Wed, 17 Nov 2021 17:05:03 GMT
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
CF-RAY
6ac12078b929178c-EWR
Cf-Bgj
minify
amvn.js
cdn.usfinf.net/static/js/
245 KB
82 KB
Script
General
Full URL
http://cdn.usfinf.net/static/js/amvn.js
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bde55d5cf3382c3735eb5a499e45375ed4e1219b20d5bf8e6992946ad8deb12

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2762
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
82644
last-modified
Wed, 10 Nov 2021 12:20:02 GMT
Server
cloudflare
etag
"3d3d1-618bb8f2-e083e635a5cf9cb2;gz"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6s%2BN02xvx2MPznlluYmriZTqhf11naVvcYiHJKCaEWE28ll4i%2B6znzGuHustuNhgwbJnSXV27ss0PetU1%2FJCCaRapWNonqm4dwPp8T9987RLuxaAJ2LSOfnzUWIbDvncw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ac12078bb5f558a-EWR
expires
Wed, 17 Nov 2021 17:05:03 GMT
/
d1a3jb5hjny5s4.cloudfront.net/
101 KB
35 KB
Script
General
Full URL
http://d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
HTTP/1.1
Server
2600:9000:21ea:c600:12:c391:3100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8f1d706754892e22a5f5f4838df397b3957c43ee39782a2414e977ca2535ebdb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 15:17:23 GMT
Content-Encoding
gzip
Connection
keep-alive
Age
9222
X-Cache
Hit from cloudfront
access-control-allow-origin
*
Cache-Control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
X-Amz-Cf-Pop
EWR50-C1
Content-Length
35643
Via
1.1 5163ef6f21ebac65d5a58243b15e5dbe.cloudfront.net (CloudFront)
X-Amz-Cf-Id
8DQp9RI8EpUNlPWE7md_F81DpID2bOdnX1dOy3rO3ziwxgvFsQK4pQ==
main.js
cdn.usfinf.net/static/js/
2 KB
2 KB
Script
General
Full URL
http://cdn.usfinf.net/static/js/main.js
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a65eca7c102c3a7ec3da4f688c7fe2e88f5a3d6382a13d224938a8e66c65fac

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2758
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
667
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"6f6-5faa60e6-2edb9d7c202b9275;gz"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cierrmns3%2FOhYRKHe6ty2xGNT8blAAmx%2FLSrLNYyGAHp0SWm2MY5Pyf0J8XV4SUv4%2BOfjjgGyv3wgWAKcrLk%2FDb7oSHBlRDunoiUqcnx%2B%2B3EWR5KKXItYKkVmYsfxsrHSA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ac12078bb16e851-EWR
expires
Wed, 17 Nov 2021 17:05:07 GMT
logo_fb2.png
cdn.usfinf.net/static/image/
6 KB
7 KB
Image
General
Full URL
http://cdn.usfinf.net/static/image/logo_fb2.png
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
042313bf805bd8d9a1c6b2a88c90e15407004fcc6e9c5d5974c87c85c20796f3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2760
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
6283
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"188b-5faa60e6-48354ceeda0c07b3;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oh1%2Br%2BGMuKjAFRCVEEsu4hYmOpb9yOYLxi07%2BQFV8IAx%2Ffq7BUoZ%2BaHypFm1Yz9%2B%2Bq4sik3%2By3Yz6dLOxB5Gz%2FOfImQhVjnoYf%2BD%2BsY%2BqO8PqsSL19lJOP8U8ylA5imhJw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ac12078ebda558a-EWR
expires
Wed, 17 Nov 2021 17:05:05 GMT
ad_top_bg2.png
cdn.usfinf.net/static/image/
156 B
1023 B
Image
General
Full URL
http://cdn.usfinf.net/static/image/ad_top_bg2.png?&ad_box_=1
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
156
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"9c-5faa60e6-95f251b8bd8ef212;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4n75RsspXQgrsI2HSz1QnNR8MCYVfLVe3XG6j8VVUGnNH6YkfUsVwEh8Wnj4eMdWSZXh6Xm925QSkUAtFzod8SHTzZYipkRFlKFZOzHC3GTddcgX2CjiquFpgKIAl49D7A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
CF-RAY
6ac120791c43558a-EWR
expires
Wed, 17 Nov 2021 17:51:05 GMT
ahl6532.gif
cdn.usfinf.net/static/image/
3 KB
4 KB
Image
General
Full URL
http://cdn.usfinf.net/static/image/ahl6532.gif
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cad7fb56a878cd12d9456a8754cf13433ac6741338371f87776b4373411b15

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2752
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
3229
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"c9d-5faa60e6-ae87f5cbe4d6cff3;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTTJ9DpCiYNMuhBitEzMSHcOqlPimlAWf74JwgaUv2gnbiWY%2BcN8V0PH8D7fJm%2FHgBFK3baAtkdAS9Cw6CLbcIKW9hSSDs1DzgSz5aaqddvQDY87Soxt3dfbiw0ZzSLDgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ac120792bb2e851-EWR
expires
Wed, 17 Nov 2021 17:05:13 GMT
spinner.gif
cdn.usfinf.net/static/image/
35 KB
35 KB
Image
General
Full URL
http://cdn.usfinf.net/static/image/spinner.gif
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a607f27600e85addcfd1415ee611a370a30dce3f53ac200d3e0e25d2bdc5157

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2760
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
35453
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"8a7d-5faa60e6-abbbac75116acc85;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rr6GZXTaE3LZ9RAZBCfhw1K0u2tgdxH3N1PdASsM3jDCrHbY2gpuY3eMMMZWVMHgnLgniw%2FaeS3U7KYynjuki3Lp4U3PhRHd86MB9wCIFKDFqeTepBkWwR2gdaDSEwAqlg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ac120793a34178c-EWR
expires
Wed, 17 Nov 2021 17:01:55 GMT
en_tran.png
cdn.usfinf.net/static/image/skip_ad/
5 KB
6 KB
Image
General
Full URL
http://cdn.usfinf.net/static/image/skip_ad/en_tran.png
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef8721967f0cca2539ee60f9cad0e8c1ef89f18a53964a4e6101033d23a4ba29

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2756
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
5076
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"13d4-5faa60e6-d082b40bd28384ce;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHVzUQLQHxyDnPpUxYHAyWsfVAdlsmfvURjTZu6YCkn8s%2BtGHWcfUpCQO1VeuwAJK1hvDhAejyZ04otN0fp%2B%2BFDs9n58E4k6xlKjkqTqbFZFl7CsSG%2FfMChFqPhJdhBtcw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ac120793d58e714-EWR
expires
Wed, 17 Nov 2021 17:05:09 GMT
delete2.png
cdn.usfinf.net/static/image/
577 B
1 KB
Image
General
Full URL
http://cdn.usfinf.net/static/image/delete2.png
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fa2ba143aaedc6b6169e9b024d4f12df4acfc5995950dce175fd97644dd0c43

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2761
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
577
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"241-5faa60e6-657b5e5638f6aacc;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bta0QQwdlJ4Mvd3K3vnr%2B%2FbHiif%2FJPdv3mJIWCjadjN36OZxsGwPgUG3lQtpQ6xTyH87HDw%2FPibN%2F4GKBqI1HRcC7KPw%2BApU0WdUA1aHs7n92JNOREyuho09EC1CAObqxw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ac1207938e31851-EWR
expires
Wed, 17 Nov 2021 17:05:04 GMT
view117_bidshow.js
cdn.usfinf.net/static/js/
11 KB
5 KB
Script
General
Full URL
http://cdn.usfinf.net/static/js/view117_bidshow.js
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b281ad15b8eae8656a12eb97b8fea4002f82f70a9031ae5bc9af3d0cc177a85b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2764
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
4020
last-modified
Sat, 25 Sep 2021 14:54:49 GMT
Server
cloudflare
etag
"2ad8-614f3839-fe99aae1576cce1d;gz"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YsOlM0PR5QqxlayAyRtnkGCVfEsqrGaAne7J06LYPiNaxOVQKmrQGzaWbJV%2BDtE%2FqAA%2Fnf5b4VqPrzY2Hcpc5G3wgEjzmJJB9JVfDxFSHzJPCB%2FMFaP5L89uMJGLEjOsOw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ac12078db47e851-EWR
expires
Wed, 17 Nov 2021 17:05:01 GMT
utx
ouncedbi.xyz/
0
411 B
XHR
General
Full URL
https://ouncedbi.xyz/utx?cb=po9IsXPNVhFO&top=usfinf.net&tid=604364
Requested by
Host: cdn.usfinf.net
URL: http://cdn.usfinf.net/static/js/amvn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-100.iad89.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 17:51:05 GMT
via
1.1 e0a78b49206aba2a7e76eb45b9688a8f.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://usfinf.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
hK6JarFz7waCHjQmdi9nVT8TyxTX-BN02N_Ucf5kmdOjzFEju6C6PA==
utx
ouncedbi.xyz/
0
411 B
XHR
General
Full URL
https://ouncedbi.xyz/utx?cb=35qi1k3YMMu6&top=usfinf.net&tid=709056
Requested by
Host: cdn.usfinf.net
URL: http://cdn.usfinf.net/static/js/amvn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-100.iad89.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 17:51:05 GMT
via
1.1 e0a78b49206aba2a7e76eb45b9688a8f.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://usfinf.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
ir10KcwQDnEGmFLXwh3nM9wEZ9qn2HZADoYHE7wZB4_SwwY-eOhetg==
VU1DNVd6ciBGajAhIEwzZRsHbwYDCyBwJzkMc2NuBhoWcgY7FGVBPjFwdQVjZnt3Eyc8KX4EcSY5IkEiJnByEz47KywIcSNwchtkYWNxBnljazdFNjJwchMnITkvCGZjfnUAYWN7dQBmZHk
jerunamendary.xyz/
0
537 B
Image
General
Full URL
https://jerunamendary.xyz/VU1DNVd6ciBGajAhIEwzZRsHbwYDCyBwJzkMc2NuBhoWcgY7FGVBPjFwdQVjZnt3Eyc8KX4EcSY5IkEiJnByEz47KywIcSNwchtkYWNxBnljazdFNjJwchMnITkvCGZjfnUAYWN7dQBmZHk
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b990 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 17:51:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKYE0ZmqZr05emyfQA2d6vQNyz9PnIEUzK%2FHi3rtYvWRqt41US11olGwf3eYtdoIBwH5vjqXUEvmRu%2BgAXalZrHrjJC7nnrGzMA%2FbCZSnBbFbEBasHylq7QJbF7xNPCB8Ky944hMtz9eH0WSNDh95Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
6ac120797b64e738-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200d , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200d , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

popunder.gif
jerunamendary.xyz/
35 B
927 B
Image
General
Full URL
http://jerunamendary.xyz/popunder.gif
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:b990 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
60714
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
58
pragma
public
Last-Modified
Wed, 10 Nov 2021 00:59:11 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BqgCtTf7txaOod9mg7e66OxB8dv2gyk9thq9g0KA58YKx%2F1zxxo47c0rpZC6Obpvjz14BBtQ0b9GRGTXdVXvrcCbd8cxAsjnWLMDryZSsSmEzvIc5WWxzGqdU%2BYvaRVDcseAXghZC53q8fS3XutJA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
Accept-Ranges
bytes
CF-RAY
6ac12079682d1869-EWR
VXgyWDR6R1ErCQwgUWljAS5nCVMTH3NpZh06X2ByA0gKHFUUGxQsXTFFBWgNZU0EfkQ8HA9qDXMLRjlAIAsPaRI8FlQ3CXMOD2kaZVYHbBplXkYoVTJFA35EIQxeZQVjSwRtAmNOBG0FZ0g
jerunamendary.xyz/
0
271 B
Image
General
Full URL
https://jerunamendary.xyz/VXgyWDR6R1ErCQwgUWljAS5nCVMTH3NpZh06X2ByA0gKHFUUGxQsXTFFBWgNZU0EfkQ8HA9qDXMLRjlAIAsPaRI8FlQ3CXMOD2kaZVYHbBplXkYoVTJFA35EIQxeZQVjSwRtAmNOBG0FZ0g
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b990 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 17:51:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWcz%2Fafhcvp8pxke66ok9Fu5XwdmC8D8Gx%2BsRm9ML%2Bzw%2B3VsKuptinsVtM8iAW1sASf9ZlQ%2BdzTS85ULVe%2BhrmsY5tk%2Bshrp%2BaPQXP5fVJI9AdAqldJZNJnwE5VT5EDC6kPNQJVBA26JwHIwu5GyBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
6ac120797b66e738-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
utx
ouncedbi.xyz/
0
411 B
XHR
General
Full URL
https://ouncedbi.xyz/utx?cb=e5yq7jluwvcJ&top=usfinf.net&tid=709056
Requested by
Host: d1a3jb5hjny5s4.cloudfront.net
URL: http://d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-100.iad89.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 17:51:05 GMT
via
1.1 e0a78b49206aba2a7e76eb45b9688a8f.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://usfinf.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
GdaswVSzk9B_Mzrjp3irXkNgDre_iPcPK_k1HMnAFpm9TAc4VFWnfQ==
display.js
usfinf.net/js/
16 KB
7 KB
Script
General
Full URL
http://usfinf.net/js/display.js
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
HTTP/1.1
Server
104.21.80.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b67d948e653f56aa7bc25cd403afa4fe04bafa3d8f3399ab0b84d96f1292259

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2759
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
5775
last-modified
Thu, 29 Jul 2021 14:08:58 GMT
Server
cloudflare
etag
"3e81-6102b67a-1bb6c6fda6fd5163;gz"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2HSZvBDpr9sBtLPtea1yxXAQX3uwE7HxHau%2FwcyVEaUKEdNupb8s1IrRpVLK2ypkOT7L5%2FPY3qqsvzu4GzgIWvO6hdxXVPuKBOeMrrK9pSd5AHg8DaWevQ9HUvxf"}],"group":"cf-nel","max_age":604800}
Content-Type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ac120790d641967-EWR
expires
Wed, 17 Nov 2021 17:05:06 GMT
funcript1636566665144.php
usfinf.net/
0
591 B
Script
General
Full URL
https://usfinf.net/funcript1636566665144.php?pub=21795659&v=aySF8m1ZMhzNcFuIM0zUYjiLL4CMJj1NZ0C4IC6MMujUET3OOvTUUW2bNvTJkHsaIDnBYSiKOvjtI2sYIlmdNErIIljtpW0acsnBVClLLMC1JEwVYIXtQEiKOgjYQzyMLuCcJziMa1W85CkdRpWtxklYblWdVVuZdsCBIH6cIBnBNSrKa0XYBDfeYgnsUDyNd2H4RWvabXiBIysOIwm4hChMcx2AgCiVOOiBIy5cN3D9QG5ZNu2lU21VNozAJChMYuTUYz1LZhmxIG1bYpTpF3lbYN2JQi0ONiGQJnlbNlDdEWyYNyTVF2hcM1CJJy9e
Requested by
Host: usfinf.net
URL: http://usfinf.net/js/display.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.80.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 17:51:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.27
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGHaVIWr7AMxcqNdJNKJRSyYeOLsZG33sKqk8fwgoJNaAxpx0R0AqWQS3gxbEPkTiqI6oR12zIAQ5aheBRkwhKpcfFL1p8HJFHqnSGU2P6Aqt8b93gW4YEkLzNdk"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
x-turbo-charged-by
LiteSpeed
cf-ray
6ac120797db71977-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
H2
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
638
date
Wed, 10 Nov 2021 17:40:27 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 10 Nov 2021 19:40:27 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
d_top_bg.png
cdn.usfinf.net/static/image/
156 B
1 KB
Image
General
Full URL
http://cdn.usfinf.net/static/image/d_top_bg.png
Requested by
Host: cdn.usfinf.net
URL: http://cdn.usfinf.net/static/css/adfly_7.css
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://cdn.usfinf.net/static/css/adfly_7.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2762
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
156
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"9c-5faa60e6-8cdf0c0df6a4e2a9;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UU5oaUi5AmOwE77HJX4Y9V3KcbGKsFqkdTjCBV1N9CcIxdwOXdGGmmig5M0XDduT17IEzHc6r8SBobAFq3pmJllWO%2FzvKEzozIs7MvjJiHGJuDiTVP4yLxZXOQ8JARroJw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ac120794be7e851-EWR
expires
Wed, 17 Nov 2021 17:05:03 GMT
d_bottom_bg2.png
cdn.usfinf.net/static/image/
3 KB
4 KB
Image
General
Full URL
http://cdn.usfinf.net/static/image/d_bottom_bg2.png
Requested by
Host: cdn.usfinf.net
URL: http://cdn.usfinf.net/static/css/adfly_7.css
Protocol
HTTP/1.1
Server
172.67.153.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27ab7efdb31ee6b311557cb2296d9bdb4c5038a230bcb4f9bc1a2409bb73863a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://cdn.usfinf.net/static/css/adfly_7.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2762
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
2829
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"b0d-5faa60e6-4be0e3e54c61ce38;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjOJjkpz%2Fhpr3Ymw5m0rjGtIIsAyWLc5VaWJf32EiNN6XppAw4RSAgLkt2urKyBpvKcYME75XNnysr%2FJ4eZpiYfq3Kf9dgkQQftjt4%2FAqDsrnu9kZjqQ57jckpVbaL8eIA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ac1207969711851-EWR
expires
Wed, 17 Nov 2021 17:05:03 GMT
2market_bidshow.php
usfinf.net/
127 B
1 KB
XHR
General
Full URL
http://usfinf.net/2market_bidshow.php?user_id=21795659&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fwww16.nathanaeldan.pro%2Fpushredirect%2F%3Fnetwork%3D3%26site%3Dadfly%26ppi%3D21795659%26pci%3D6980219625%26t%3D1636566665%26dest%3Dhttps%253A%252F%252Fcutt.us%252FH5or3&url_id=6980219625&t=c860c870acf99d702bedde093626e014&w=b67dd45d33cc4e5c4c236b084833653a
Requested by
Host: cdn.usfinf.net
URL: http://cdn.usfinf.net/static/js/view117_bidshow.js
Protocol
HTTP/1.1
Server
104.21.80.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
c90d133d8781031905e8ca7b870e057bf3dacad058720efc4a2ec848cb40d2df

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.27
Transfer-Encoding
chunked
p3p
policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
Server
cloudflare
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dP%2Fb8eHFlhvLG3sRGL63Rki6owtz9u3lLlyY6U7eje2ebfHjAdcYrzpch25iLimk3fvXmJib9tFQunSaRC%2BdUJ%2BCiqjhuAW2bt9fEOy4N%2FAOiRmsZtTLBAst5MVL"}],"group":"cf-nel","max_age":604800}
Content-Type
application/json
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-turbo-charged-by
LiteSpeed
CF-RAY
6ac120797e1c1967-EWR
AgEgAwklehEaeABTFD8DJVt+NiA0AAcmOyN6Kyx5A3oAKysRHiwdJwhIewl7D2gtKBIpewAXKhdo
ouncedbi.xyz/ZjhGbkgHWiUDdwcFJEg9FFR7S3ogHXQoLBNeJwd8BAknHntVQmgNJAlNIgg6CVYyQCYDTGNcDlZ2PCgHNFNzOxAPeSENHShhDQA8UnoxOHEFcCk8HxwINicNBXUNNh0IYncBAS55AF4sHFstPnoFYAkEPxd7ISgnLVF/NB4IdiEleQprJV0sCW4q... Frame B4C3
3 KB
2 KB
Document
General
Full URL
http://ouncedbi.xyz/...
Requested by
Host: cdn.usfinf.net
URL: http://cdn.usfinf.net/static/js/amvn.js
Protocol
HTTP/1.1
Server
18.67.76.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-100.iad89.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
3ed40b8659621744aed29c23d8eaf363068ac3806dd7ae70a8ae4c0aa491c3ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664

Response headers

Content-Type
text/html
Content-Length
1239
Connection
keep-alive
Date
Wed, 10 Nov 2021 17:51:05 GMT
Server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
X-Cache
Miss from cloudfront
Via
1.1 92ed8a6103fa735c31caf49b92d4efb7.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD89-P2
X-Amz-Cf-Id
iLFnEDXE_f_Dnq9u64KGId498Jp1_gCMJSrBbR70x6R85vlvZchndw==
BAJwKThiDkkCNlQoUhk2cQBjLVYVJkIXAENxWz4JcCt4Hh5Se3cVOAEo
ouncedbi.xyz/M0wxeG5SLlIVUVJxU14bQSAMXVx1aQM+CkYqUBFaUX1QCF0ANh8bAlw5VR4cXCJFVgBWOBRKKH8eXEgZUCBeFC9feGQiOnoJZz1XRyhdKS9hfkkfLAMBVTYqaR1mEj8KDmAIW3UPXhY5XRVXPCZiBncfN1QFXTkvZQhoFi8CKGEeLX4IZEhXQRVw... Frame DAF9
3 KB
2 KB
Document
General
Full URL
http://ouncedbi.xyz/...
Requested by
Host: cdn.usfinf.net
URL: http://cdn.usfinf.net/static/js/amvn.js
Protocol
HTTP/1.1
Server
18.67.76.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-100.iad89.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
019f82324636927da983189c4f9e9ce1695dd38aab067e7d335a441b3a4eb307

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664

Response headers

Content-Type
text/html
Content-Length
1234
Connection
keep-alive
Date
Wed, 10 Nov 2021 17:51:05 GMT
Server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
X-Cache
Miss from cloudfront
Via
1.1 dbb909966903df95f63a00d4241f7b7d.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD89-P2
X-Amz-Cf-Id
QE1QE70R68NPgzUwA9-ih31Wk82M-qJIIQFk0MpzQqc3_wLMnZf8hQ==
multi
ouncedbi.xyz/
3 KB
2 KB
XHR
General
Full URL
https://ouncedbi.xyz/multi?cs=dmRJMTJDUX0IBENUegcCQFx%2FAAA&abt=0&red=1&sm=76&k=h5or3%20shrink%20your%20urls%20paid&v=1.0.54.0&sts=0&prn=0&emb=0&tid=709056&fs=1&ref=http%3A%2F%2Fusfinf.net%2F-89918AZIR%2F2qdMM%3Frndad%3D3257167644-1636566664&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F95.0.4638.54%20safari%2F537.36&tzd=0&uloc=&if=0&_mWAo=1636566665308&crc=1
Requested by
Host: cdn.usfinf.net
URL: http://cdn.usfinf.net/static/js/amvn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-100.iad89.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
a5a8c31a5b6bde17e4b0af553eb177182a9cbd47296c86ed292d6c32ade34d3c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 17:51:05 GMT
content-encoding
gzip
server
openresty/1.17.8.2
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://usfinf.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
text/plain
content-length
1832
via
1.1 e0a78b49206aba2a7e76eb45b9688a8f.cloudfront.net (CloudFront)
x-amz-cf-id
hkBspwmn6gjwKP-V1HxVl7aN6qGJ-Qy-IejjUhAbITTmstMhwVfFwg==
/
usfinf.net/rtb/validate/7846d115e89b46d0496dce301c81c8cb/ Frame DD3E
28 KB
9 KB
Document
General
Full URL
http://usfinf.net/rtb/validate/7846d115e89b46d0496dce301c81c8cb/?type=1&user_id=21795659&k=610358&c=1
Requested by
Host: cdn.usfinf.net
URL: http://cdn.usfinf.net/static/js/view117_bidshow.js
Protocol
HTTP/1.1
Server
104.21.80.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
b51453b356d6b372c9dc23c72d7f31bd62ced388b0697c8c4034e714f38da66f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
x-powered-by
PHP/7.3.27
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWr8nSckvVG76zzKpoBu8jz7jDERGIjTcjAomhsbylhlef7WPAB8U05%2F5T0PnltYfmdQad8z3FR%2B9kuBH1v1m91jfHSFHQv6b%2F8V4TXo9f3PIRvgQ2h955pi6Mym"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6ac1207a58191967-EWR
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
freychang.fun/
15 B
332 B
Fetch
General
Full URL
https://freychang.fun/?f=d56b345256d487a765c8e19bc3389dc2
Requested by
Host: cdn.usfinf.net
URL: http://cdn.usfinf.net/static/js/amvn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d31d4f85ce7a98d99a5063f063de51403cc2ba3d9e25324a85c861bc0a932ea

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 17:51:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
http://usfinf.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWjbt6DmJVi%2F1a2TCSO2%2Fr4hhdS%2FKkHAe67UQZ7HoalGjCYZUZDF2PvT3eDhOkLhQOai1g9Z5OzEb53VwWqw%2FrAGrdDu6lJd6hF04ulRua%2BixiYXclADCP2eqy15uPJEfjvjDy2SWXI6iegQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6ac1207aee49e85d-EWR
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
truncated
/ Frame 89E3
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1732458759&utmhn=usfinf.net&utme=8(User)9(21795659)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1732458759&utmhn=usfinf.net&utme=8(User)9(21795659)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1645813376.1636566665&jid=1481074715&_v=5.7.2&z=1732458759
35 B
430 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1645813376.1636566665&jid=1481074715&_v=5.7.2&z=1732458759
Requested by
Host: usfinf.net
URL: http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
Protocol
H2
Server
2607:f8b0:4023:1404::9c Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 10 Nov 2021 17:51:05 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 17:51:05 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1645813376.1636566665&jid=1481074715&_v=5.7.2&z=1732458759
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
370
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
freychang.fun/
16 B
724 B
Fetch
General
Full URL
https://freychang.fun/?f=d56b345256d487a765c8e19bc3389dc2
Requested by
Host: d1a3jb5hjny5s4.cloudfront.net
URL: http://d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cea05571d808be1ab05aa745d31fe2d5fa7a1ab0f58e5ee3e85e09d774ab1b8f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/-89918AZIR/2qdMM?rndad=3257167644-1636566664
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 17:51:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
http://usfinf.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZ1%2BrkNRtSiq10o5tBbSkxeQounimArGvyMlPJY5pqJjhytbmASqwMA0GQR1zZVBKjWyIdGRUypl%2BbAUQ62G2DnGz0QSFWtqzcIWKpIXYi9XgAKe%2BZB%2Bl5ii6hw6jZbGMwHNPjB0yrRoS22a"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6ac1207aee4ee85d-EWR
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
0NzFORk5UXiAgcUNYKnt4BwV9cHoRWz0pIEcMKXUnZ1oIHAF0dzckP2cXOjwqCgFoKi9ZVnNgK1lSc3doVlUse3oRRT4pJQpFIyIgXEQ8IDhBFzsnc1peNC8iW1BrdAgCH35jfAcZOS8gU145NWsFASAyawUBf3ZgBxR9BGsFATkvIAEFa3UMEgN+PngDGG-t0flZ...
dufai4b1ap33z.cloudfront.net/ Frame B4C3
710 B
903 B
Script
General
Full URL
http://dufai4b1ap33z.cloudfront.net/0NzFORk5UXiAgcUNYKnt4BwV9cHoRWz0pIEcMKXUnZ1oIHAF0dzckP2cXOjwqCgFoKi9ZVnNgK1lSc3doVlUse3oRRT4pJQpFIyIgXEQ8IDhBFzsnc1peNC8iW1BrdAgCH35jfAcZOS8gU145NWsFASAyawUBf3ZgBxR9BGsFATkvIAEFa3UMEgN+PngDGG-t0flZBPiorQFQsLSdDFHwAewQGYHV4EgN+biVfRSMqawVya3R+W1glI2sFASkjLVxeZ2N8B1ImNCFaVGt0CA4EYHZgAwd9fmACBWt0fkRQKCc8XhR8AHsEBmB1eBFEcw
Requested by
Host: ouncedbi.xyz
URL: http://ouncedbi.xyz/...
Protocol
HTTP/1.1
Server
2600:9000:202c:5200:1f:315e:7fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
338845689908ee65a904fea0c319caa1749da895c3a405f0ac3909375f7e8f1f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://ouncedbi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
EWR52-C2
X-Cache
Miss from cloudfront
access-control-allow-origin
*
Cache-Control
max-age=31556926
Connection
keep-alive
Content-Length
516
Via
1.1 d873eb6ebbb9da58c373c3c3b1843e77.cloudfront.net (CloudFront)
X-Amz-Cf-Id
D4XzDPeInFj-vTt6I2BHp4G_QkLIuWqMEzx8iTgX0x9iZ5xAIDINrA==
dF1TGigpAFVXaABUBVxqaFkGQWJoWARXaHYeURQ7NAQVQBxzXgdcaXBLRU8
dufai4b1ap33z.cloudfront.net/LRm0wclolAl4UZTIEVE9tdlQAR2xgB0MdNDZQWjQ9BQp5FConWnYfDHQJFgYgIlAAVDYnA1dPfCMDU09rYAxUEGdyS0QCNS1QRB8+KAZFADwwGxYHO3sAXwgzKgFRV2gAWB5Cf3RdGAUzKAlfBSljXwAcLmNfAENqaF0VQRh... Frame DAF9
579 B
842 B
Script
General
Full URL
http://dufai4b1ap33z.cloudfront.net/LRm0wclolAl4UZTIEVE9tdlQAR2xgB0MdNDZQWjQ9BQp5FConWnYfDHQJFgYgIlAAVDYnA1dPfCMDU09rYAxUEGdyS0QCNS1QRB8+KAZFADwwGxYHO3sAXwgzKgFRV2gAWB5Cf3RdGAUzKAlfBSljXwAcLmNfAENqaF0VQRhjXwAFMyhbBFdpBEgCQiJwWR-lXaHYMQAI2IxpVEDEvGRVAHHNeB1xpcEgCQnItBUQfNmNfc1dodgFZGT9jXwAVPyUGX1t/dF1TGigpAFVXaABUBVxqaFkGQWJoWARXaHYeURQ7NAQVQBxzXgdcaXBLRU8
Requested by
Host: ouncedbi.xyz
URL: http://ouncedbi.xyz/...
Protocol
HTTP/1.1
Server
2600:9000:202c:5200:1f:315e:7fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c4485bca81f0c2d9fe62a63f0b0c6f91675cb6ee166b3c3759929ac577036aa2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://ouncedbi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
EWR52-C2
X-Cache
Miss from cloudfront
access-control-allow-origin
*
Cache-Control
max-age=31556926
Connection
keep-alive
Content-Length
455
Via
1.1 c855cfdfac580e3b58f1c68c8d67dcf6.cloudfront.net (CloudFront)
X-Amz-Cf-Id
jxxEfLj_yMpzeoaDNHSpB22ltZm3SEOQZFolaclwRN3aTwyXs2fGfQ==
encoding.js
usfinf.net/static/js/ Frame DD3E
9 KB
4 KB
Script
General
Full URL
http://usfinf.net/static/js/encoding.js
Requested by
Host: usfinf.net
URL: http://usfinf.net/rtb/validate/7846d115e89b46d0496dce301c81c8cb/?type=1&user_id=21795659&k=610358&c=1
Protocol
HTTP/1.1
Server
104.21.80.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a713376b08fd74e7edb469234b525ba596d7c5317793ffd8a9a5eb83d05832bf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://usfinf.net/rtb/validate/7846d115e89b46d0496dce301c81c8cb/?type=1&user_id=21795659&k=610358&c=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2753
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
2869
last-modified
Wed, 21 Jul 2021 19:37:10 GMT
Server
cloudflare
etag
"240a-60f87766-2f1222768fe7b3e1;gz"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijTeIaFCw0gji5neqjbzZhYiVcN5nr4FXrBg3I%2FMoYnah%2B0kSzAWPdwT3CkmY5p3v%2BFVbgQ6epNJTX6nd9zWAoULQh6iWHftfdEB9XAWkTkmap53HgaZIJthG3%2FT"}],"group":"cf-nel","max_age":604800}
Content-Type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
6ac1207ae9b81967-EWR
expires
Wed, 17 Nov 2021 17:05:12 GMT
display
babblecase.com/ad/ Frame 8EA7
Redirect Chain
  • http://usfinf.net/rtb/show/7846d115e89b46d0496dce301c81c8cb/?k=610358&cs=vkNmTcMh3ZLWjYMT2BICiNw1i4dCWOQziYODiNIuyAMjTLc15kNzTLYl11O2SbIyshI2nQYgykIyjborwNLWCZJHmBZSmZYrilOGjbQgxwMCzTYN5RMFDSAL3hMC...
  • http://babblecase.com/ad/display?ad_id=1102017
515 B
1 KB
Document
General
Full URL
http://babblecase.com/ad/display?ad_id=1102017
Requested by
Host: usfinf.net
URL: http://usfinf.net/rtb/validate/7846d115e89b46d0496dce301c81c8cb/?type=1&user_id=21795659&k=610358&c=1
Protocol
HTTP/1.1
Server
104.21.9.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / adfly
Resource Hash
759ea8c435fa432849342268df2c56eb35528e02cfca57cfd5484806117b567d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
about:blank

Response headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-powered-by
adfly
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VZz3LK7mU78I4v11PLIL8%2FjGiSBS3T5cFCwRi4ef5%2FIc38wYV9xgJnUT8wDWamGK%2FhpHw9nK85fR%2Bu5fImEeniU%2BTYjRmdXE43vD%2BwPW10cxJQ1WKHYQVuy18Pi4dL2pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6ac1207c987feff1-EWR
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Wed, 10 Nov 2021 17:51:05 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
x-powered-by
PHP/7.3.27
location
http://babblecase.com/ad/display?ad_id=1102017
cache-control
no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qw3qOLOr37ev92Dh749qGDXe9gByy7K0HQ%2F%2FSpQiXQNYhlRFQTwRvqH0f3aOk%2FzNP188vd3aAO5EMuO8f5%2FOF8Dy1%2BlzEgTwvaw%2BkLI0qtyG3EGfIUCpUv8DPj9%2F"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6ac1207c0c991967-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
paxful_banner_1_qsudos.png
res.cloudinary.com/dwz0thxh5/image/upload/v1591257261/ Frame 8EA7
32 KB
32 KB
Image
General
Full URL
https://res.cloudinary.com/dwz0thxh5/image/upload/v1591257261/paxful_banner_1_qsudos.png
Requested by
Host: babblecase.com
URL: http://babblecase.com/ad/display?ad_id=1102017
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
ee05ef5c212ee54009ca5640ea2dfe7f165710d839c19c5d63467be0b68d41f3
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://babblecase.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 17:51:05 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 07:54:22 GMT
server
Cloudinary
etag
"a3810d5a9fc206cebca928c0a550b7ea"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
server-timing
fastly;dur=2;cpu=1;start=2021-11-10T17:51:05.863Z;desc=hit,rtt;dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
32657

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2.js

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler boolean| frame_check object| antiClickjack function| $ function| jQuery number| LAST_CORRECT_EVENT_TIME number| _2005463505 number| _2328677372 function| fa string| tkn string| log_token string| user_id string| url_id string| ysmm string| ref_url string| waitmsg string| skip_button number| intpop string| adfly_id number| pat string| bindElement function| o6xx function| A6VV string| jmbdd boolean| adfly_google_compliant object| _gaq function| goal object| adReporter function| removeCookieNotice function| getCookie function| z000 function| MD5 function| decryptUrl number| countdown boolean| counter_started boolean| loaded boolean| opera number| t boolean| abd number| fail_timer number| fail_count function| handleAdbClick function| onMessage function| md5_hh object| abC function| getFlyMessage function| bit_rol string| dn string| key_a function| md5_ii object| xhr function| V function| md5_gg function| M function| md5_ff function| md5_cmn function| safe_add function| cookieCheck function| Y function| X function| base64_decode_view function| k9WW function| checkstart function| stCntr function| cnt number| iinf object| _gat object| gaGlobal

17 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.cutt.us/ Name: __gads
Value: ID=d150c852f42dd3e7-22f10b0e75cc00f1:T=1636566664:S=ALNI_MZGTANfdFUJm9oTorqdJ306le77PQ
.cutt.us/ Name: _ga
Value: GA1.2.873942843.1636566665
.cutt.us/ Name: _gid
Value: GA1.2.850120800.1636566665
.cutt.us/ Name: _gat_gtag_UA_31510493_1
Value: 1
fumacrom.com/ Name: FLYSESSID
Value: ar8n79cpgh3inqmmhm1h0deer8
usfinf.net/ Name: FLYSESSID
Value: 4g5r9qtk65q3c5s28k0cg8h7jj
.usfinf.net/ Name: yp1
Value: f8e8b5ee92a2719325a56f943e5cc5bb
.usfinf.net/ Name: yp2
Value: 134cbe5a44206a966bd6362c52080c11
.usfinf.net/ Name: yp3
Value: 3257167644
usfinf.net/ Name: market_1102017
Value: 3894859
usfinf.net/ Name: adfly_ad_report
Value: 1102017_3894859
.usfinf.net/ Name: __utma
Value: 185573165.1645813376.1636566665.1636566665.1636566665.1
.usfinf.net/ Name: __utmc
Value: 185573165
.usfinf.net/ Name: __utmz
Value: 185573165.1636566665.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.usfinf.net/ Name: __utmt
Value: 1
.usfinf.net/ Name: __utmb
Value: 185573165.1.10.1636566665

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
