URL: http://adfoc.us/serve/?id=68071792570683
Submission: On February 11 via manual from HK — Scanned from US

Summary

This website contacted 15 IPs in 2 countries across 13 domains to perform 36 HTTP transactions. The main IP is 2606:4700:20::ac43:4a55, located in United States and belongs to CLOUDFLARENET, US. The main domain is adfoc.us. The Cisco Umbrella rank of the primary domain is 831403.
This is the only time adfoc.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 9 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 114), tpc.googlesyndication.com (Cisco Umbrella Rank: 160) | 227 KB |
| 4 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 27) | 21 KB |
| 4 | adfoc.us | adfoc.us (Cisco Umbrella Rank: 831403) | 10 KB |
| 3 | posthog.com | app.posthog.com (Cisco Umbrella Rank: 8095) | 38 KB |
| 3 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 35), stats.g.doubleclick.net (Cisco Umbrella Rank: 80) | 5 KB |
| 3 | bestmusicfileapps.com | bestmusicfileapps.com | 43 KB |
| 3 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 37) | 234 KB |
| 2 | imgur.com | i.imgur.com (Cisco Umbrella Rank: 7290) | 13 KB |
| 2 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 366), fonts.googleapis.com (Cisco Umbrella Rank: 31) | 36 KB |
| 1 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 1 KB |
| 1 | gstatic.com | fonts.gstatic.com | 48 KB |
| 1 | javascriptcdnlive.com | javascriptcdnlive.com | 7 KB |
| 1 | bounceads.net | click.bounceads.net | 190 B |

Total: 36 requests, 13 domains

| Requests | Domain | Requested by |
|---|---|---|
| 6 | pagead2.googlesyndication.com | adfoc.us, pagead2.googlesyndication.com, tpc.googlesyndication.com |
| 4 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com |
| 4 | adfoc.us | adfoc.us, ajax.googleapis.com |
| 3 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com |
| 3 | app.posthog.com | bestmusicfileapps.com, app.posthog.com |
| 3 | bestmusicfileapps.com | adfoc.us, bestmusicfileapps.com |
| 3 | www.googletagmanager.com | adfoc.us, www.googletagmanager.com |
| 2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com |
| 2 | i.imgur.com | adfoc.us |
| 1 | www.google.com | tpc.googlesyndication.com |
| 1 | fonts.gstatic.com | fonts.googleapis.com |
| 1 | fonts.googleapis.com | bestmusicfileapps.com |
| 1 | javascriptcdnlive.com | bestmusicfileapps.com |
| 1 | stats.g.doubleclick.net | www.google-analytics.com |
| 1 | click.bounceads.net | 1 redirects |
| 1 | ajax.googleapis.com | adfoc.us |

Total: 36 requests, 16 subdomains

This site contains links to these domains.

Domain
www.survivalservers.com
github.com

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.google-analytics.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months |
| *.g.doubleclick.net | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months |
| *.imgur.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-13 - 2024-03-12 | a year |
| bestmusicfileapps.com | GTS CA 1P5 | 2024-01-19 - 2024-04-18 | 3 months |
| javascriptcdnlive.com | GTS CA 1P5 | 2024-01-26 - 2024-04-25 | 3 months |
| upload.video.google.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-15 - 2024-04-14 | a year |
| *.gstatic.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months |
| tpc.googlesyndication.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months |
| www.google.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months |

This page contains 6 frames:

Primary Page: http://adfoc.us/serve/?id=68071792570683
Frame ID: BBE02B87F7C9EFE4FCC4C1FF5B30C55A
Requests: 20 HTTP requests in this frame

Frame: https://bestmusicfileapps.com/NLP1/?source=adfcs1&click=6331b848d561d0f1de0c9e6dbfb451b0&filename=Setup.exe
Frame ID: 6739F43FCB1009B12E1B64FF9090B37B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html
Frame ID: 17A8A8FBAF8809F325504BA54BEEC1C8
Requests: 1 HTTP request in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9854779124424507&output=html&adk=1812271804&adf=3025194257&lmt=1707693399&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l%7C500x945_r&format=0x0&url=http%3A%2F%2Fadfoc.us%2Fserve%2F%3Fid%3D68071792570683&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&dt=1707693399688&bpp=3&bdt=393&idt=277&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1148323566941&frm=20&pv=2&ga_vid=1069304413.1707693400&ga_sid=1707693400&ga_hid=1365026376&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31080797%2C31081025%2C31081034%2C44795921%2C44809531%2C95324581%2C95324155%2C95324160%2C21065724&oid=2&pvsid=4469543271401873&tmod=1941499450&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=295
Frame ID: 6A377BD064B3DCC2F6C14822532781FF
Requests: 1 HTTP request in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CE079950BC9E48D9904D9FE5FDB30081
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C5BE5E60DC5A83D00136607B5260E7A4
Requests: 2 HTTP requests in this frame

Page Title

AdFoc.us

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 36
HTTPS: 86 %
IPv6: 75 %
Domains: 13
Subdomains: 16
IPs: 15
Countries: 2
Transfer: 683 kB
Size: 1722 kB
Cookies: 7

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://click.bounceads.net/click.php?ID=adfcs1&sub=adfcs1&subid=680717 HTTP 302
  • https://bestmusicfileapps.com/NLP1/?source=adfcs1&click=6331b848d561d0f1de0c9e6dbfb451b0&filename=Setup.exe

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
adfoc.us/serve/
10 KB
4 KB
Document
General
Full URL
http://adfoc.us/serve/?id=68071792570683
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:4a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c438081c822b6f49c933f81f464f9784358cb7cd1e4bd2c61c240765d3428d7a
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
85404d00382dc411-EWR
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 11 Feb 2024 23:16:39 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7n2JVEArB2oM0kyn95d7YDB0TXM%2FqmJIwjo70ZFg8JT7gub0PYAEpNJueYqB%2FRXxwXaGDiNZKpbqEaCpz8frwAVaEEVlq2e2Cdj4YC6n3grxiJzCdCWNWv7mdeyvmCF9Y87eIoV"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Strict-Transport-Security
max-age=0;
Transfer-Encoding
chunked
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/
91 KB
34 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=68071792570683
Protocol
HTTP/1.1
Server
2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://adfoc.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Fri, 09 Feb 2024 00:06:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
256198
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
33621
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 08 Feb 2025 00:06:41 GMT
js
www.googletagmanager.com/gtag/
240 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-J8F7TKSJKP
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=68071792570683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c30d5a0fabd7448cbbc2c8f971d0774c7cba430b1f887d777d7346a44bcfe03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://adfoc.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 23:16:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85297
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 11 Feb 2024 23:16:39 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
146 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9854779124424507
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=68071792570683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a095e01010d85b47c674b04244032adabc5b8214459ef275b963c1500feefc26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://adfoc.us/
Origin
http://adfoc.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 23:16:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51266
x-xss-protection
0
server
cafe
etag
8644537069443745644
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 11 Feb 2024 23:16:39 GMT
HwWdTWQ.png
i.imgur.com/
4 KB
4 KB
Image
General
Full URL
https://i.imgur.com/HwWdTWQ.png
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=68071792570683
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
d445189ae78dbe5660070df11ed954f1bdf532428eba6f1fcf34a51281a46a70
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://adfoc.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 23:16:39 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
1068501
x-cache
Miss from cloudfront, HIT
content-length
3648
x-served-by
cache-iad-kcgs7200144-IAD
last-modified
Sun, 08 Aug 2021 17:47:47 GMT
server
cat factory 1.0
x-timer
S1707693400.508697,VS0,VE2
etag
"721d8b9379c7dbfb932a52ca59ee160b"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
11k4iSt9zvKgzlls8XGtVbWLqscLk7AtP2euswrSdE9YWzLshSmZ9A==
x-cache-hits
1
akCDAH0.png
i.imgur.com/
9 KB
9 KB
Image
General
Full URL
https://i.imgur.com/akCDAH0.png
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=68071792570683
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
7d68f7060a450edcdd1b616c0f10348c5560714ed66dd8209f566af42b413c91
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://adfoc.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 23:16:39 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD55-P2
age
1682121
x-cache
Miss from cloudfront, HIT
content-length
9304
x-served-by
cache-iad-kcgs7200144-IAD
last-modified
Tue, 05 Nov 2019 22:29:54 GMT
server
cat factory 1.0
x-timer
S1707693400.508684,VS0,VE17
etag
"49ea7b9a6fcd466267838aff1d01b013"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
FOwA0YGCWvOiSavjwuNzx6XIazrk6UDQit7p4KDS4PoBdLElrNWCKw==
x-cache-hits
1
5e7d05c2_skip.png
adfoc.us/uploads/users/
2 KB
3 KB
Image
General
Full URL
http://adfoc.us/uploads/users/5e7d05c2_skip.png
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=68071792570683
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:4a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a76ab027d5d90fc1dba969f3162cd74cecbcf41404b9730b8bb8ac5a33d25387
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

accept-language
en-US,en;q=0.9
Referer
http://adfoc.us/serve/?id=68071792570683
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sun, 11 Feb 2024 23:16:39 GMT
Strict-Transport-Security
max-age=0;
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1045
Connection
keep-alive
Content-Length
2347
Last-Modified
Tue, 21 Sep 2021 08:18:00 GMT
Server
cloudflare
ETag
"61499538-92b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpNIVCSicKslYNLE5nYCzhuGmjAV2qDPsgCoib9kIVeP09YxsP%2Fpit%2F8yL1Jcx16a3R9z7QRrO2%2BxhhBVUGWbMRbrQGKS3YoQhu2BYq2b3LsEaH7DGOoCLje9Csoca32kVWKp00J"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=3600
Accept-Ranges
bytes
CF-RAY
85404d02aa8cc411-EWR
interstitial.js
adfoc.us/js/
4 KB
2 KB
Script
General
Full URL
http://adfoc.us/js/interstitial.js
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=68071792570683
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:4a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
453e2b757d975f8e689e82a248c0dc0361e3c973de3d6536499f929ca514d1fa
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

accept-language
en-US,en;q=0.9
Referer
http://adfoc.us/serve/?id=68071792570683
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sun, 11 Feb 2024 23:16:39 GMT
Strict-Transport-Security
max-age=0;
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2393
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 20 Mar 2020 18:50:40 GMT
Server
cloudflare
ETag
W/"5e751080-100e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rgep1Kjp11eIN38gjRwUOaEa3STlS2Ka%2BbkYgWHyQh1YTnfqr%2F4g9ZP5mr%2F0EeFsEp3omJfU%2FirodkYP0pAsC7Sv7r96uCp34T11JcxJiz%2BoJrwT1JrFrv2uNIFbzrL4fP3Qkyqh"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=3600
CF-RAY
85404d031a6c6a55-EWR
/
bestmusicfileapps.com/NLP1/ Frame 6739
Redirect Chain
  • https://click.bounceads.net/click.php?ID=adfcs1&sub=adfcs1&subid=680717
  • https://bestmusicfileapps.com/NLP1/?source=adfcs1&click=6331b848d561d0f1de0c9e6dbfb451b0&filename=Setup.exe
3 KB
2 KB
Document
General
Full URL
https://bestmusicfileapps.com/NLP1/?source=adfcs1&click=6331b848d561d0f1de0c9e6dbfb451b0&filename=Setup.exe
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=68071792570683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
1d161414b7a2565ef2aad2c91454cd794079728e46467862bd63dea86e9dab1b

Request headers

Referer
http://adfoc.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
85404d055c8f42b8-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 11 Feb 2024 23:16:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHXemnFKfq4ZWT9nR62m%2FK5Vf7g1sUPSoVkwTcySSVTjh0l3wkYBKL6kAAEN8Nv3gfWjt0zxtH8czCqUZvvzkpvXhBlsnvn9S%2Ff4FP4FqFtbkyOeeK4JW7I9BBTPXUS7UpwFzBOROQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
85404d03b8a16991-PHL
content-type
text/html; charset=UTF-8
date
Sun, 11 Feb 2024 23:16:39 GMT
location
https://bestmusicfileapps.com/NLP1/?source=adfcs1&click=6331b848d561d0f1de0c9e6dbfb451b0&filename=Setup.exe
server
cloudflare
collect
www.google-analytics.com/g/
0
165 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-J8F7TKSJKP&gtm=45je4270v9125519291za200&_p=1707693399434&gcd=13l3l3l3l1&npa=0&dma=0&cid=1069304413.1707693400&ul=en-us&sr=1600x1200&pscdl=noapi&_s=1&sid=1707693399&sct=1&seg=0&dl=http%3A%2F%2Fadfoc.us%2Fserve%2F%3Fid%3D68071792570683&dt=AdFoc.us&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=716
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J8F7TKSJKP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://adfoc.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Feb 2024 23:16:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://adfoc.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
192 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-207987135-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J8F7TKSJKP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3d25a36098d26620b29a8cd7e678a79790eb37c95a15c424644496a02667bec7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://adfoc.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 23:16:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70712
x-xss-protection
0
last-modified
Sun, 11 Feb 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 11 Feb 2024 23:16:39 GMT
credit
adfoc.us/serve/
0
762 B
XHR
General
Full URL
http://adfoc.us/serve/credit
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:4a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

Accept
*/*
Referer
http://adfoc.us/serve/?id=68071792570683
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 11 Feb 2024 23:16:39 GMT
Strict-Transport-Security
max-age=0;
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YCRptnMJt13euzHRk2zgS4fHLIoBRMQeD6k1X5iy5G%2B1hqw6zdyOEFBEMJuN1n0PoeFAKD3uTEjnIVcO32MsimOGoJRE%2BQOb8JJPI3F3wdJS8VgYhVLMKXWIsXMbh5gPzkwXRC7"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
CF-RAY
85404d03db576a55-EWR
Expires
Thu, 19 Nov 1981 08:52:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/
406 KB
138 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9854779124424507
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
142a96730cd43a27ddbc20a16dcbf0d7e0d1708e2395db4674a2989466454de1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://adfoc.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 23:16:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140857
x-xss-protection
0
server
cafe
etag
16420315178574853866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Feb 2024 23:16:39 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/ Frame 17A8
9 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9854779124424507
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://adfoc.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
18459
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Feb 2024 18:09:00 GMT
etag
3890843268177463596
expires
Sun, 25 Feb 2024 18:09:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/
230 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VLFLGFN55V&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-207987135-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2e61ca26a0a59e4f7172a5004dc4381d9f9c4d544f71fc3422d69f18891618a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://adfoc.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 23:16:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83036
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 11 Feb 2024 23:16:39 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-207987135-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://adfoc.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Feb 2024 22:06:18 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4221
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 12 Feb 2024 00:06:18 GMT
collect
www.google-analytics.com/j/
2 B
92 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1365026376&t=pageview&_s=1&dl=http%3A%2F%2Fadfoc.us%2Fserve%2F%3Fid%3D68071792570683&ul=en-us&de=UTF-8&dt=AdFoc.us&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=778032995&gjid=426818509&cid=1069304413.1707693400&tid=UA-207987135-1&_gid=1143114034.1707693400&_r=1&gtm=457e4270za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=2083434042
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://adfoc.us/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Feb 2024 23:16:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://adfoc.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VLFLGFN55V&gtm=45je4270v9130480928za200&_p=1707693399434&gcd=13l3l3l3l1&npa=0&dma=0&cid=1069304413.1707693400&ul=en-us&sr=1600x1200&pscdl=noapi&_eu=AAAI&_s=1&sid=1707693399&sct=1&seg=0&dl=http%3A%2F%2Fadfoc.us%2Fserve%2F%3Fid%3D68071792570683&dt=AdFoc.us&en=page_view&_fv=1&_ss=1&tfd=944
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VLFLGFN55V&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://adfoc.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Feb 2024 23:16:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://adfoc.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
340 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-207987135-1&cid=1069304413.1707693400&jid=778032995&gjid=426818509&_gid=1143114034.1707693400&_u=YADAAUAAAAAAACAAI~&z=520387408
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://adfoc.us/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 11 Feb 2024 23:16:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://adfoc.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6A37
603 B
245 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9854779124424507&output=html&adk=1812271804&adf=3025194257&lmt=1707693399&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l%7C500x945_r&format=0x0&url=http%3A%2F%2Fadfoc.us%2Fserve%2F%3Fid%3D68071792570683&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&dt=1707693399688&bpp=3&bdt=393&idt=277&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1148323566941&frm=20&pv=2&ga_vid=1069304413.1707693400&ga_sid=1707693400&ga_hid=1365026376&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31080797%2C31081025%2C31081034%2C44795921%2C44809531%2C95324581%2C95324155%2C95324160%2C21065724&oid=2&pvsid=4469543271401873&tmod=1941499450&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=295
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://adfoc.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Feb 2024 23:16:40 GMT
expires
Sun, 11 Feb 2024 23:16:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dl.min.js
javascriptcdnlive.com/ Frame 6739
18 KB
7 KB
Script
General
Full URL
https://javascriptcdnlive.com/dl.min.js
Requested by
Host: bestmusicfileapps.com
URL: https://bestmusicfileapps.com/NLP1/?source=adfcs1&click=6331b848d561d0f1de0c9e6dbfb451b0&filename=Setup.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f878295a13ab9f922ba046207c3cb9da598d0e00cca7d488ef0cd15fc866c574

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestmusicfileapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 23:16:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alYxTd5DTLVF4tOn8Zd2oGo9wtmrAguBrOiHN8BGE76XnqL6OaAZfj1yrzGt3K4oYj7Vc87wPOx72mbw8VQrxDGm2JQBOpPDJtFfqj%2B1FBoo%2FI3xKuMk0DINvMxqaI%2F1Yi5RbpHKng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
85404d07db244400-EWR
css2
fonts.googleapis.com/ Frame 6739
11 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400&display=swap
Requested by
Host: bestmusicfileapps.com
URL: https://bestmusicfileapps.com/NLP1/?source=adfcs1&click=6331b848d561d0f1de0c9e6dbfb451b0&filename=Setup.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8bd8a746efd5972536245f2f2c6e4213360405be048112ee66e3a2612edb43bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestmusicfileapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 11 Feb 2024 23:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 11 Feb 2024 23:16:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Feb 2024 23:16:40 GMT
steps.png
bestmusicfileapps.com/NLP1/img/ Frame 6739
20 KB
20 KB
Image
General
Full URL
https://bestmusicfileapps.com/NLP1/img/steps.png
Requested by
Host: bestmusicfileapps.com
URL: https://bestmusicfileapps.com/NLP1/?source=adfcs1&click=6331b848d561d0f1de0c9e6dbfb451b0&filename=Setup.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
a895c9befb38c055f1342e615480cbd29c82421c04afc2e8428d962eb8b91b05

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestmusicfileapps.com/NLP1/?source=adfcs1&click=6331b848d561d0f1de0c9e6dbfb451b0&filename=Setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 23:16:40 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 05 Oct 2023 21:54:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
etag
"4fee-606ff2c99ef97"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nX9Zf1bsUzDK8krbRCbZBcMdYyqTwCrSmDHl%2BmuJwpdXhyl0CAbqhITVxOxjrKfVQ2I4zIyS235g7hEpkMQraHBGvnab1qrJV42s5i0DfYNAccOo8R9aAGr5Yxkgu8e4BR9z9ycEnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cf-ray
85404d067dc442b8-EWR
content-length
20462
steps_.png
bestmusicfileapps.com/NLP1/img/ Frame 6739
21 KB
21 KB
Image
General
Full URL
https://bestmusicfileapps.com/NLP1/img/steps_.png
Requested by
Host: bestmusicfileapps.com
URL: https://bestmusicfileapps.com/NLP1/?source=adfcs1&click=6331b848d561d0f1de0c9e6dbfb451b0&filename=Setup.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
1f0e737701f4d8318802a742ae518602eca202f24107dccd74965889385d72d8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestmusicfileapps.com/NLP1/?source=adfcs1&click=6331b848d561d0f1de0c9e6dbfb451b0&filename=Setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 23:16:40 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 05 Oct 2023 21:54:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
etag
"53f1-606ff2cc1325f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8vxfZiHFqZwKGRJTSn1Xnw7i56nhRn%2Bad3klFuwgm6DxY%2B3bQqs0URbrJMMhdo7VbcTLJWO%2FTWwI7cXzeyhen3Ek1MgnpsR48dYdc8kEji6dT2n8cY%2Fm61rqa75ixa2%2FNRlHWqFLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cf-ray
85404d067dc642b8-EWR
content-length
21489
array.js
app.posthog.com/static/ Frame 6739
121 KB
38 KB
Script
General
Full URL
https://app.posthog.com/static/array.js
Requested by
Host: bestmusicfileapps.com
URL: https://bestmusicfileapps.com/NLP1/?source=adfcs1&click=6331b848d561d0f1de0c9e6dbfb451b0&filename=Setup.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bb9af52d03cd54d73a631f0381e862b769d2a117274cd8352f458536f7c1ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestmusicfileapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 23:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
202
referrer-policy
same-origin
last-modified
Sun, 11 Feb 2024 19:49:42 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65c924d6-1e5c4"
x-frame-options
SAMEORIGIN
vary
Cookie, Accept-Encoding
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
85404d09ae564350-EWR
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 6739
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bestmusicfileapps.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 00:18:32 GMT
x-content-type-options
nosniff
age
255488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Feb 2025 00:18:32 GMT
/
app.posthog.com/e/ Frame 6739
13 B
97 B
XHR
General
Full URL
https://app.posthog.com/e/?ip=1&_=1707693400664&ver=1.105.7
Requested by
Host: app.posthog.com
URL: https://app.posthog.com/static/array.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bestmusicfileapps.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 11 Feb 2024 23:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
server
cloudflare
cross-origin-opener-policy
same-origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://bestmusicfileapps.com
access-control-allow-credentials
true
cf-ray
85404d0a4eb74350-EWR
access-control-allow-headers
X-Requested-With,Content-Type
/
app.posthog.com/decide/ Frame 6739
444 B
485 B
XHR
General
Full URL
https://app.posthog.com/decide/?v=3&ip=1&_=1707693400666&ver=1.105.7
Requested by
Host: app.posthog.com
URL: https://app.posthog.com/static/array.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a886dd7cebaba694929aa52c831814230430d460d4a844de9f094b223d5d63f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bestmusicfileapps.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 11 Feb 2024 23:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
server
cloudflare
cross-origin-opener-policy
same-origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://bestmusicfileapps.com
access-control-allow-credentials
true
cf-ray
85404d0a4eb94350-EWR
access-control-allow-headers
X-Requested-With,Content-Type
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
092399419b1f06ba265af759d95be5ad0409b27c7fdd847058c16188f62cab53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://adfoc.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 23:16:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12162
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://adfoc.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 23:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Feb 2024 23:16:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CE07
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://adfoc.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
11213
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 11 Feb 2024 20:09:48 GMT
expires
Mon, 10 Feb 2025 20:09:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C5BE
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dbe2e71343052ed2153c1756178012891027af3be10c111ad583698623081922
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-y1dtauukNFpgyPjOhati6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://adfoc.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-y1dtauukNFpgyPjOhati6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 11 Feb 2024 23:16:41 GMT
expires
Sun, 11 Feb 2024 23:16:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
pagead2.googlesyndication.com/bg/ Frame CE07
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 20:06:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
11385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15173
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 10 Feb 2025 20:06:56 GMT
generate_204
tpc.googlesyndication.com/ Frame CE07
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?IjqdJA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 23:16:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame C5BE
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240207&jk=4469543271401873&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240207&jk=4469543271401873&bg=!v7ylvPPNAAaxkZ3akZE7ADQBe5WfODYeVpzFsVKGJIcQhFSq-YAsladYX8w0j5r5faxdW5DnuQrsE6p5yswQJkNUrU2yAgAAAD9SAAAAAmgBB5kCs5KtwdacbwVBqtKjRRvFZ_dGpHcD2gODE-V_WFTHp6OfON2L3W7CtY-U8RrzV8G3aHiTjUhOoWb0JiaTGlWyVxBcE_ySJ_ggPhXRY9x9pY3isOGCBh1ek7ybkhFVCX1sC3I3D4KfclQ5LG3pv3ZcPNhqrohsBN1LISnIz6M0qteoyVvsQJ3rm7gfyzeGR636_5LBHzmsEQrDrwuP8Ly7NiafdFld4PlS9_XrscNnv11YZOpkIjJ5KGPO_pdwpWH-JUHWYnJZtDeIMYsHZz4BbSS2nc0BkghoSxqYkKvMi2iV_93CrAinx8eohvV_qpB2HSkgid5ZZZR3xseZIxFx5lwaX83dmSWkeXUlpaLilPOSb3yVqguZscOACEBQGr7whuoR7XppuX7xEezh6gWPJ84r5bqpdyntRRSBcwyXTNibkV0oRB0hotJpusgZvq-NBgOGFFidf5LmQaqNMpfw4E5Gjh-VgCzwRoRzJ3ULg2kJjlXDfSdrDIKj5BhDmFwriW0EM0gCb0pGEUOonZuMnKC-lUGha1rD6JI1S0tQYCWwKkVVtY9OwXANBBaoQQX-1rxVjqGWrg0wRt_XxA6MNkdL_LigOwReznQLsSSdkLZAfaOQpoNkYgtph5DXeiDC7gEpO31meJoTCh6bTj8T0fqxqEBitqcicDP6RPLBN4AtjSQM4HhpwJBsQShopW0fVpeJtPjSN9tYveO5nlGIe_IaFdPr4jw8FLRAabrNPn-8xJweg2EnIHG6kqqmJLAK7xDMm7xpUTFJZqmyK2SBBKV_EcUSxI9qU7cirtEYREe6ZW7uwLRa9QalAMUvLv3_T-tw5IPLYlvPCFxvU4TTOm6dVivQ73nywQskwn_ULVKoDfz_7LW_sEf0l5jQCGzsahhX5F3IF1AGSIqUPB0PiR-1wpA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://adfoc.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers


50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 undefined| $ function| jQuery function| gtag object| dataLayer string| ad_url string| ref_url string| payout_rate string| click_url boolean| preview number| count number| counter function| timer function| showClose object| google_tag_manager object| google_tag_data object| gaGlobal function| $jQuery object| jQuery18208001856214140632 string| key object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
adfoc.us/ Name: phpsessionname
Value: u3859hra5e7k2aib56b6avpj91
.adfoc.us/ Name: _ga_J8F7TKSJKP
Value: GS1.1.1707693399.1.0.1707693399.0.0.0
.adfoc.us/ Name: _gid
Value: GA1.2.1143114034.1707693400
.adfoc.us/ Name: _gat_gtag_UA_207987135_1
Value: 1
.adfoc.us/ Name: _ga_VLFLGFN55V
Value: GS1.1.1707693399.1.0.1707693399.0.0.0
.adfoc.us/ Name: _ga
Value: GA1.1.1069304413.1707693400
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
other warning URL: http://adfoc.us/serve/?id=68071792570683
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
