clfgq.app.link Open in urlscan Pro
2600:9000:24f5:d400:19:9934:6a80:93a1  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://cutt.us/KjXNsq5P4 Page URL
2. https://l.wl.co/l?u=https://clfgq.app.link/h2lpTE0RYCb&h=ZhvYeD6HF9scjmzqAdVbgPSLK4NQUra3EJ7wGWxBMTCkf8pX2y9390482011706578280mCpeUWtzGMA5DZKNH2qR39Pdw6y7rfLxQkJ8FaunsgjhYB Page URL
3. https://clfgq.app.link/h2lpTE0RYCb Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	KjXNsq5P4 Show response cutt.us/	4 KB 2 KB	7640ms 7471ms	Document text/html	69.61.26.123 GLOBALCOMPASS
General Check archive.org Show headers Download Go to Full URL https://cutt.us/KjXNsq5P4 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.61.26.123 Atlanta, United States, ASN22653 (GLOBALCOMPASS, US), Reverse DNS Software Hotcores.com / Resource Hash 7dbc39652150d2e71c4a9fc1580e5d139378a9a48dcf70df82734b6a353a4168 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-cache, must-revalidate, max-age=0 Connection keep-alive Content-Encoding gzip Content-Type text/html; Charset=UTF-8;charset=UTF-8 Date Mon, 13 Nov 2023 05:53:52 GMT I-AM Gamma Pragma no-cache Server Hotcores.com Strict-Transport-Security max-age=31536000; includeSubdomains; Transfer-Encoding chunked Vary Accept-Encoding X-Robots-Tag noindex, nofollow
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	102 KB 31 KB	134ms 60ms	Script text/javascript	2607:f8b0:4004:c09::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: cutt.us URL: https://cutt.us/KjXNsq5P4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 71f60414f9438644ad3c81f5a9b7511199664a5912029ddf28631002bf373d4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 06:02:01 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31445 x-xss-protection 0 server cafe etag 282 / 19674 / 31079511 / config-hash: 5108900474499610176 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 13 Nov 2023 06:02:01 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	186 KB 67 KB	121ms 46ms	Script application/javascript	2607:f8b0:4004:c09::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-31510493-1 Requested by Host: cutt.us URL: https://cutt.us/KjXNsq5P4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9f8806ef37c74d6c5bf2ec6d9060a39f8315100b4560e9f7498037340628beac Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 06:02:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 68609 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 13 Nov 2023 06:02:01 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/	427 KB 134 KB	117ms 36ms	Script text/javascript	2607:f8b0:4004:c07::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 97099da6fb4c43aa8cd1fa2cfb9dfefe93b07b3eac3fc20fc7094ff482871d39 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 04:50:01 GMT content-encoding br x-content-type-options nosniff age 4320 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 136817 x-xss-protection 0 server cafe etag 14142176788290477171 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Tue, 12 Nov 2024 04:50:01 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	40 B 583 B	130ms 52ms	XHR application/json	2607:f8b0:4004:c07::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cutt.us Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4c5969602269c88c8d96c66d29f7b5e9b04bc062c9a47f3efd6b648cd018d331 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 06:02:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41 x-xss-protection 0 expires Mon, 13 Nov 2023 06:02:01 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	222 KB 79 KB	46ms 46ms	Script application/javascript	2607:f8b0:4004:c09::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-ZBQ2JYBBZ5&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 43fef12fe9a3d8964cf270bc3704166c3a63d87596e6b53062afbe213e0c97f3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 06:02:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 80583 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 13 Nov 2023 06:02:01 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	110ms 36ms	Script text/javascript	2607:f8b0:4004:c08::8b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::8b Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 13 Nov 2023 04:46:12 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 4549 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 13 Nov 2023 06:46:12 GMT
POST H2	204	collect www.google-analytics.com/g/	0 165 B	45ms 44ms	Ping text/plain	2607:f8b0:4004:c08::8b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-ZBQ2JYBBZ5&gtm=45je3b81v9124577564&_p=1699855321046&gcd=11l1l1l1l1&dma=0&cid=265524131.1699855321&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1699855321&sct=1&seg=0&dl=https%3A%2F%2Fcutt.us%2FKjXNsq5P4&dt=KjXNsq5P4&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=7988 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-ZBQ2JYBBZ5&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::8b Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Mon, 13 Nov 2023 06:02:01 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cutt.us cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 91 B	45ms 45ms	XHR text/plain	2607:f8b0:4004:c08::8b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2033486299&t=pageview&_s=1&dl=https%3A%2F%2Fcutt.us%2FKjXNsq5P4&ul=en-us&de=UTF-8&dt=KjXNsq5P4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=829643169&gjid=322525879&cid=265524131.1699855321&tid=UA-31510493-1&_gid=371875976.1699855321&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1800880046 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::8b Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://cutt.us/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 13 Nov 2023 06:02:01 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cutt.us cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	670 B 697 B	72ms 71ms	Fetch text/plain	2607:f8b0:4004:c07::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2270432743465292&correlator=1020596494931287&eid=31079511%2C31079527&output=ldjh&gdfp_req=1&vrg=202311060101&ptt=17&impl=fif&iu_parts=5837603%2CCutt_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699855321469&lmt=1699855321&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutt.us%2FKjXNsq5P4&vis=1&psz=300x63&msz=0x0&fws=128&ohw=0&ga_vid=265524131.1699855321&ga_sid=1699855321&ga_hid=2033486299&ga_fc=true&dlt=1699855321005&idt=433&adks=1933368604&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0322cfe67f8c1d109359fd03dfda0e555c482aff2727e9f271482e2c3d6e0f47 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 06:02:01 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 331 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutt.us cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response e856470ce4efdb20c68e0a7892809b60.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 76FC	6 KB 3 KB	123ms 37ms	Document text/html	2607:f8b0:4004:c07::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://e856470ce4efdb20c68e0a7892809b60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutt.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Mon, 13 Nov 2023 06:02:01 GMT expires Tue, 12 Nov 2024 06:02:01 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	l l.wl.co/	228 B 1 KB	307ms 226ms	Document text/html	2a03:2880:f003:c07:face:b00c:0:2 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://l.wl.co/l?u=https://clfgq.app.link/h2lpTE0RYCb&h=ZhvYeD6HF9scjmzqAdVbgPSLK4NQUra3EJ7wGWxBMTCkf8pX2y9390482011706578280mCpeUWtzGMA5DZKNH2qR39Pdw6y7rfLxQkJ8FaunsgjhYB Requested by Host: cutt.us URL: https://cutt.us/KjXNsq5P4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f003:c07:face:b00c:0:2 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' data: blob: https://*.wl.co https://*.fbcdn.net;block-all-mixed-content;upgrade-insecure-requests; X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://cutt.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding br content-security-policy default-src 'self' 'unsafe-inline' data: blob: https://*.wl.co https://*.fbcdn.net;block-all-mixed-content;upgrade-insecure-requests; content-type text/html; charset="utf-8" cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy same-origin date Mon, 13 Nov 2023 06:02:01 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT origin-agent-cluster ?0 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() pragma no-cache referrer-policy origin refresh 1;URL=https://clfgq.app.link/h2lpTE0RYCb reporting-endpoints vary Accept-Encoding x-content-type-options nosniff x-fb-debug pjnFbvZvDurKzyjpg/5enPHWQo7+DcWqYz1/AOlrmzZ8dxFHQJPbUO9QJz9ysK43pHgPO1JwgOEbwEw3ttZqTg== x-frame-options DENY x-robots-tag noindex, nofollow x-xss-protection 0
GET H2	200	sodar pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	131ms 57ms	XHR application/json	2607:f8b0:4004:c06::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311060101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 06:02:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12376 x-xss-protection 0
GET H2	200	sodar2.js tpc.googlesyndication.com/sodar/	17 KB 7 KB	115ms 38ms	Script text/javascript	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 06:02:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 13 Nov 2023 06:02:01 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame EE80	0 0	40ms 38ms	Document text/html	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutt.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 12945 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 13 Nov 2023 02:26:16 GMT expires Tue, 12 Nov 2024 02:26:16 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET		aframe www.google.com/recaptcha/api2/ Frame F738	0 0
GET H2	404	Primary Request h2lpTE0RYCb Show response clfgq.app.link/	570 B 1 KB	211ms 107ms	Document text/html	2600:9000:24f5:d400:19:9934:6a80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://clfgq.app.link/h2lpTE0RYCb Requested by Host: l.wl.co URL: https://l.wl.co/l?u=https://clfgq.app.link/h2lpTE0RYCb&h=ZhvYeD6HF9scjmzqAdVbgPSLK4NQUra3EJ7wGWxBMTCkf8pX2y9390482011706578280mCpeUWtzGMA5DZKNH2qR39Pdw6y7rfLxQkJ8FaunsgjhYB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f5:d400:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash a136bedd558fdca90e29d5ffe25fd8747e107f1bb031ca56e5d8ab07982bf3b1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://l.wl.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ch Sec-CH-UA-Platform-Version,Sec-CH-UA-Model content-length 570 content-type text/html; charset=utf-8 date Mon, 13 Nov 2023 06:02:02 GMT etag W/"23a-3eWCEaoMUZ/tK0d8r+lEePtYlPc" last-modified Mon, 13 Nov 2023 06:02:02 GMT server openresty strict-transport-security max-age=31536000; includeSubDomains via 1.1 d1dad7d3c339d87d553c26a84c9ca5d2.cloudfront.net (CloudFront) x-amz-cf-id vWZ_rrJ01ZP1yuyCM-pxZIdUdacssiDQxNh_cLIVhzMueYs21qOiZQ== x-amz-cf-pop IAD55-P4 x-cache Error from cloudfront
GET H2	200	styles.css cdn.branch.io/static/	3 KB 3 KB	122ms 38ms	Stylesheet text/css	13.32.208.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.branch.io/static/styles.css Requested by Host: clfgq.app.link URL: https://clfgq.app.link/h2lpTE0RYCb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.208.81 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-208-81.iad66.r.cloudfront.net Software AmazonS3 / Resource Hash fc49ee589da45d4d7728dff1001a8d3a75cc7525721e8a8f4c5ecfae64572e08 Request headers accept-language en-US,en;q=0.9 Referer https://clfgq.app.link/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sun, 12 Nov 2023 07:39:01 GMT x-amz-version-id bkyd00Urs8vXdFWDBEZGzwxDpnDg88D6 via 1.1 b9c7ee7ef5bcece32a3a0ac817ab1f96.cloudfront.net (CloudFront) last-modified Fri, 26 Apr 2019 15:23:35 GMT server AmazonS3 x-amz-cf-pop IAD66-C1 age 80582 etag "a34a7b6f5d98f6640a5b37cb980d2941" x-cache Hit from cloudfront content-type text/css content-length 2642 x-amz-cf-id GaIhQgHSuqt2_gaYIzauQq4bVWKf_QJq3ueLlPlLT0dkZS7FyaDj0A==
GET H2	200	broken_branch.png cdn.branch.io/static/	13 KB 13 KB	127ms 44ms	Image image/png	13.32.208.81 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.branch.io/static/broken_branch.png Requested by Host: clfgq.app.link URL: https://clfgq.app.link/h2lpTE0RYCb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.208.81 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-208-81.iad66.r.cloudfront.net Software AmazonS3 / Resource Hash c38e17678b75d6322783f3ae05b436c8cce5ffdbd2ae50660a6f1b4940c30b30 Request headers accept-language en-US,en;q=0.9 Referer https://clfgq.app.link/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sun, 12 Nov 2023 07:25:36 GMT x-amz-version-id 8zhbp2AeSEr8GC_847MLXmOGXiX_jkaQ via 1.1 b9c7ee7ef5bcece32a3a0ac817ab1f96.cloudfront.net (CloudFront) last-modified Fri, 26 Apr 2019 15:23:35 GMT server AmazonS3 x-amz-cf-pop IAD66-C1 age 81387 etag "ec6fceab0f3b37db4831f0f0a8dd5e2a" x-cache Hit from cloudfront content-type image/png content-length 12882 x-amz-cf-id iSOxneCrb7x8KCwUCS_VEMxpLPlkmXSfHhWfusvmmeXBEBgIPTTdRQ==
GET H2	200	branch_badge.png cdn.branch.io/static/	29 KB 30 KB	133ms 49ms	Image image/png	13.32.208.81 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.branch.io/static/branch_badge.png Requested by Host: clfgq.app.link URL: https://clfgq.app.link/h2lpTE0RYCb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.208.81 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-208-81.iad66.r.cloudfront.net Software AmazonS3 / Resource Hash 09dda3b2da09d2f0384118965daeaace7682773aac620441f5e5b3c60e909f98 Request headers accept-language en-US,en;q=0.9 Referer https://clfgq.app.link/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-amz-version-id Es5MSn91friSbrViEDLBVwrCo_2JUs4M date Sun, 12 Nov 2023 11:35:03 GMT via 1.1 b9c7ee7ef5bcece32a3a0ac817ab1f96.cloudfront.net (CloudFront) last-modified Fri, 26 Apr 2019 15:23:35 GMT server AmazonS3 x-amz-cf-pop IAD66-C1 age 66420 etag "65a36bc8bfe4cbe75182c610ef6cd7e9" x-cache Hit from cloudfront content-type image/png content-length 30204 x-amz-cf-id yofExfkFmY571SickDlX2FRfKDKhWWuQaxd2OUfYxR8OZ-hx-mFffg==
GET H2	200	css fonts.googleapis.com/	11 KB 1 KB	121ms 47ms	Stylesheet text/css	2607:f8b0:4004:c17::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700 Requested by Host: cdn.branch.io URL: https://cdn.branch.io/static/styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 575bbbf8b2076fd27f1020084ed48b141c1045ad0165c4154643bc1ae0476a65 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cdn.branch.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 13 Nov 2023 06:02:02 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 13 Nov 2023 05:50:50 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 13 Nov 2023 06:02:02 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v36/	47 KB 48 KB	110ms 36ms	Font font/woff2	2607:f8b0:4004:c17::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://clfgq.app.link accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Thu, 09 Nov 2023 05:42:59 GMT x-content-type-options nosniff age 346743 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:40:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 08 Nov 2024 05:42:59 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.google.com

URL

https://www.google.com/recaptcha/api2/aframe

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cutt.us/	1970-01-21 01:46:55	Name: _ga_ZBQ2JYBBZ5 Value: GS1.1.1699855321.1.0.1699855321.0.0.0
			.cutt.us/	1970-01-21 01:46:55	Name: _ga Value: GA1.2.265524131.1699855321
			.cutt.us/	1970-01-20 16:12:21	Name: _gid Value: GA1.2.371875976.1699855321
			.cutt.us/	1970-01-20 16:10:55	Name: _gat_gtag_UA_31510493_1 Value: 1
			.doubleclick.net/	1970-01-20 16:10:56	Name: test_cookie Value: CheckForPermission
			.cutt.us/	1970-01-21 01:32:31	Name: __gads Value: ID=e356849a30402262:T=1699855321:RT=1699855321:S=ALNI_MbCbpiwAUxekwob0GbjYAHokF3U3w
			.cutt.us/	1970-01-21 01:32:31	Name: __gpi Value: UID=00000a00252ed55a:T=1699855321:RT=1699855321:S=ALNI_MbQPm7EtiTpoObgte9vIE9X8h9d1A
			.app.link/	1970-01-21 00:56:31	Name: _s Value: N5hhZ9CE4xeriUMuNV2VmUZcgH31M2GxUOpDkYTjr9wUEg8%2Fh9yC%2Fmr%2BdsOp8Pa9

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
network	error	URL: https://clfgq.app.link/h2lpTE0RYCb Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.branch.io
clfgq.app.link
cutt.us
e856470ce4efdb20c68e0a7892809b60.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
l.wl.co
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.google.com
13.32.208.81
2600:9000:24f5:d400:19:9934:6a80:93a1
2607:f8b0:4004:c06::9b
2607:f8b0:4004:c07::84
2607:f8b0:4004:c07::9d
2607:f8b0:4004:c08::8b
2607:f8b0:4004:c09::61
2607:f8b0:4004:c09::84
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c17::5f
2a03:2880:f003:c07:face:b00c:0:2
69.61.26.123
0322cfe67f8c1d109359fd03dfda0e555c482aff2727e9f271482e2c3d6e0f47
09dda3b2da09d2f0384118965daeaace7682773aac620441f5e5b3c60e909f98
43fef12fe9a3d8964cf270bc3704166c3a63d87596e6b53062afbe213e0c97f3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4c5969602269c88c8d96c66d29f7b5e9b04bc062c9a47f3efd6b648cd018d331
575bbbf8b2076fd27f1020084ed48b141c1045ad0165c4154643bc1ae0476a65
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71f60414f9438644ad3c81f5a9b7511199664a5912029ddf28631002bf373d4c
7dbc39652150d2e71c4a9fc1580e5d139378a9a48dcf70df82734b6a353a4168
97099da6fb4c43aa8cd1fa2cfb9dfefe93b07b3eac3fc20fc7094ff482871d39
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9f8806ef37c74d6c5bf2ec6d9060a39f8315100b4560e9f7498037340628beac
a136bedd558fdca90e29d5ffe25fd8747e107f1bb031ca56e5d8ab07982bf3b1
c38e17678b75d6322783f3ae05b436c8cce5ffdbd2ae50660a6f1b4940c30b30
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc49ee589da45d4d7728dff1001a8d3a75cc7525721e8a8f4c5ecfae64572e08