utilitybillsservices.com Open in urlscan Pro
2606:4700:3033::ac43:c43c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://risu.io/Cki0P
Effective URL:
https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1
Submission: On October 11 via manual (October 11th 2024, 11:27:43 am UTC) from US — Scanned from US

Summary HTTP 52 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 10 domains to perform 52 HTTP transactions. The main IP is 2606:4700:3033::ac43:c43c, located in United States and belongs to CLOUDFLARENET, US. The main domain is utilitybillsservices.com.
TLS certificate: Issued by WE1 on September 6th 2024. Valid for: 3 months.

This is the only time utilitybillsservices.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2606:4700:310... 2606:4700:3108::ac42:2afe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.98.102.251 34.98.102.251	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2607:f8b0:400... 2607:f8b0:4004:c19::61	15169 (GOOGLE) (GOOGLE)
1 4	2607:f8b0:400... 2607:f8b0:400d:c0b::65	15169 (GOOGLE) (GOOGLE)
1	31.222.255.6 31.222.255.6	49392 (ASBAXETN) (ASBAXETN)
1	2607:f8b0:400... 2607:f8b0:400d:c04::8b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0b::9d	15169 (GOOGLE) (GOOGLE)
1 24	2606:4700:303... 2606:4700:3033::ac43:c43c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::5f	15169 (GOOGLE) (GOOGLE)
1	3.166.192.81 3.166.192.81	16509 (AMAZON-02) (AMAZON-02)
2	3.227.99.211 3.227.99.211	14618 (AMAZON-AES) (AMAZON-AES)
1	3.166.192.44 3.166.192.44	16509 (AMAZON-02) (AMAZON-02)
1	13.249.91.120 13.249.91.120	16509 (AMAZON-02) (AMAZON-02)
4	54.85.103.82 54.85.103.82	14618 (AMAZON-AES) (AMAZON-AES)
52	16

7 2606:4700:3108::ac42:2afe (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

risu.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.102.251 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.102.98.34.bc.googleusercontent.com

assets.risu.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c0b::65 (Morganton, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.222.255.6 (Seychelles)

ASN49392 (ASBAXETN, RU)

inclinecliff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c04::8b (Morganton, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0b::9d (Morganton, United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:3033::ac43:c43c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

utilitybillsservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.166.192.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-166-192-81.phl51.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.227.99.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-99-211.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.166.192.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-166-192-44.phl51.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.91.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-91-120.jfk52.r.cloudfront.net

cdn.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.85.103.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-103-82.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	utilitybillsservices.com 1 redirects utilitybillsservices.com	6 MB
9	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 9642 trc.pushnami.com — Cisco Umbrella Rank: 10338 cdn.pushnami.com — Cisco Umbrella Rank: 16416 psp.pushnami.com — Cisco Umbrella Rank: 22665	354 KB
9	risu.io 1 redirects risu.io assets.risu.io	15 KB
4	google-analytics.com 1 redirects www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	274 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net — Cisco Umbrella Rank: 192	548 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 412	33 KB
1	google.com analytics.google.com — Cisco Umbrella Rank: 147
1	inclinecliff.com inclinecliff.com	579 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 683	7 KB
52	10

	Domain	Requested by
24	utilitybillsservices.com	1 redirects inclinecliff.com utilitybillsservices.com
7	risu.io	1 redirects risu.io static.cloudflareinsights.com
4	psp.pushnami.com	cdn.pushnami.com api.pushnami.com
4	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	risu.io www.googletagmanager.com www.google-analytics.com
2	trc.pushnami.com	api.pushnami.com
2	api.pushnami.com	utilitybillsservices.com api.pushnami.com
2	assets.risu.io	risu.io
1	cdn.pushnami.com	api.pushnami.com
1	ajax.googleapis.com	utilitybillsservices.com
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	inclinecliff.com	assets.risu.io
1	static.cloudflareinsights.com	risu.io
52	15

This site contains links to these domains. Also see Links.

Domain
web.willowpays.com

Subject Issuer	Validity	Valid
risu.io WE1	`2024-08-18` - `2024-11-16`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
assets.risu.io WR3	`2024-09-19` - `2024-12-18`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
inclinecliff.com R11	`2024-08-25` - `2024-11-23`	3 months	crt.sh
*.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
utilitybillsservices.com WE1	`2024-09-06` - `2024-12-05`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.pushnami.com Amazon RSA 2048 M02	`2024-02-03` - `2025-03-03`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1
Frame ID: D7368AB13048CC9DA95F6C4877FA9B9B
Requests: 42 HTTP requests in this frame

Frame: https://risu.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js
Frame ID: CDEB82BD7DCFCB1E5D074BD67F933E17
Requests: 3 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-ZH634PL121&gacid=1447825405.1728646055&gtm=45je4a90v9134562597za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686685&z=954251618
Frame ID: 4421E460BFA64B683276FDA05A174A06
Requests: 1 HTTP requests in this frame

Frame: https://utilitybillsservices.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js
Frame ID: 0B426AF647C378FA8D27DBF7F332BCD4
Requests: 2 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 4DAF9317DF63FD41F73A9F548EDB2303
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Willow Pays

Page URL History Show full URLs

https://risu.io/Cki0P Page URL
https://inclinecliff.com/0/0/0/50ee73fa0b9b417c3fbc116e8f759435 Page URL
https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ahoy (Analytics) Expand

Overall confidence: 100%
Detected patterns

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

52
Requests

94 %
HTTPS

56 %
IPv6

10
Domains

15
Subdomains

16
IPs

2
Countries

6379 kB
Transfer

7240 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://web.willowpays.com/?var1=352188&var2=1239122226&var3=7443&var4=1&var5=82396%7C59667%7C22927
Title: Let Willow Pay Today

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://risu.io/Cki0P Page URL
https://inclinecliff.com/0/0/0/50ee73fa0b9b417c3fbc116e8f759435 Page URL
https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://risu.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://risu.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js

Request Chain 13

https://www.google-analytics.com/g/collect?v=2&tid=G-H814P3QJ03&gtm=45je4a90v883701885z8812733088za200zb812733088&_p=1728646054957&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686685&cid=1447825405.1728646055&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1728646055&sct=1&seg=0&dl=https%3A%2F%2Frisu.io%2FCki0P&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&tfd=1624 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1447825405.1728646055&dbk=17523738458366535002&dma=0&en=page_view&gtm=45je4a90v883701885z8812733088za200zb812733088&npa=0&tid=G-H814P3QJ03&dl=https%3A%2F%2Frisu.io%3F

Request Chain 40

https://utilitybillsservices.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://utilitybillsservices.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Cki0P Show response
risu.io/ 5 KB
3 KB 1022ms
801ms Document
text/html 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/Cki0P

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06c268756582b4fdb9bc05d7ef93fde94ca04617b9098aa746744a4d4c3cb8c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8d0e806d8fd26991-PHL
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 11 Oct 2024 11:27:34 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: d95ffbd0-e5a0-43ff-9b2f-4fbf16f8a003
x-runtime: 0.032672
x-xss-protection: 1; mode=block

GET
H3 200 rocket-loader.min.js Show response
risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 32ms
30ms Script
application/javascript 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: risu.io
URL: https://risu.io/Cki0P

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://risu.io/Cki0P

Response headers

cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"67055fd4-302c"
x-content-type-options: nosniff
cf-ray: 8d0e80729e7d6991-PHL
expires: Sun, 13 Oct 2024 11:27:34 GMT
date: Fri, 11 Oct 2024 11:27:34 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 16:37:40 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 146ms
51ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: risu.io
URL: https://risu.io/Cki0P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://risu.io
Referer: https://risu.io/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8d0e80733d0143f9-EWR
access-control-allow-origin: *
date: Fri, 11 Oct 2024 11:27:34 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 url_redirect-783f9e05338a4e26293395677999bbd16ece44428d5985ca2fc9986dd01694b8.js
assets.risu.io/assets/ 95 B
190 B 403ms
216ms Script
application/javascript 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/assets/url_redirect-783f9e05338a4e26293395677999bbd16ece44428d5985ca2fc9986dd01694b8.js
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://risu.io/

Response headers

cache-control: public,max-age=3600
content-encoding: gzip
age: 18550
via: 1.1 google
access-control-allow-origin: https://risu.io
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
date: Fri, 11 Oct 2024 06:18:25 GMT
last-modified: Sat, 17 Feb 2024 07:03:57 GMT
content-type: application/javascript
server: nginx
vary: Accept-Encoding

GET
H3

200

main.js Show response
risu.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/ Frame CDEB
Redirect Chain

https://risu.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://risu.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?

8 KB
4 KB

40ms
39ms

Script
application/javascript

2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?

Protocol

Server

2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a3660303bb5ece3c13652f810df646adf805c4c68897e807e491b7d30704415

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
x-content-type-options: nosniff
cf-ray: 8d0e8073dff36991-PHL
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
cf-ray: 8d0e80738f9f6991-PHL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 11 Oct 2024 11:27:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 222 KB
80 KB 185ms
59ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ

Requested by

Host: risu.io
URL: https://risu.io/Cki0P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d9a6f8e75e44329895e57e783f80642e82270800eb7bccf652b35dd6109cec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://risu.io/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 11 Oct 2024 11:27:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 11:27:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 11 Oct 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 80933
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 logo-140d23c26269417067ca5c36ad591e3a13da19b3854209bc82ea477cc54e9986.png
assets.risu.io/assets/ 2 KB
2 KB 106ms
33ms Other
image/png 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/assets/logo-140d23c26269417067ca5c36ad591e3a13da19b3854209bc82ea477cc54e9986.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 140d23c26269417067ca5c36ad591e3a13da19b3854209bc82ea477cc54e9986

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://risu.io/

Response headers

cache-control: public,max-age=3600
age: 61080
via: 1.1 google
access-control-allow-origin: https://risu.io
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1954
date: Thu, 10 Oct 2024 18:29:35 GMT
last-modified: Sat, 17 Feb 2024 07:03:57 GMT
content-type: image/png
server: nginx

POST
H3 200 8d0e806d8fd26991 Show response
risu.io/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame CDEB 0
658 B 51ms
43ms XHR
text/plain 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.io/cdn-cgi/challenge-platform/h/b/jsd/r/8d0e806d8fd26991
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

cf-ray: 8d0e8074c90d6991-PHL
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 11 Oct 2024 11:27:35 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H2 200 js
www.googletagmanager.com/gtag/ 288 KB
99 KB 57ms
56ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H814P3QJ03&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://risu.io/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 11 Oct 2024 11:27:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 11:27:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101152
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js
www.google-analytics.com/ 52 KB
21 KB 172ms
40ms Script
text/javascript 2607:f8b0:400d:c0b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::65 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://risu.io/

Response headers

content-encoding: gzip
age: 3616
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Fri, 11 Oct 2024 12:27:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 10:27:19 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H/1.1 200
OK 50ee73fa0b9b417c3fbc116e8f759435
inclinecliff.com/0/0/0/ 145 B
579 B 1155ms
551ms Document
text/html 31.222.255.6
ASBAXETN

General

Check archive.org

Show headers Download Go to

Full URL

https://inclinecliff.com/0/0/0/50ee73fa0b9b417c3fbc116e8f759435

Requested by

Host: assets.risu.io
URL: https://assets.risu.io/assets/url_redirect-783f9e05338a4e26293395677999bbd16ece44428d5985ca2fc9986dd01694b8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

31.222.255.6 , Seychelles, ASN49392 (ASBAXETN, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 11 Oct 2024 11:27:36 GMT
server: nginx/1.12.2
strict-transport-security: max-age=16000000; includeSubDomains; preload;
transfer-encoding: chunked
vary: Accept-Encoding

POST
H3 200 8d0e806d8fd26991
risu.io/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame CDEB 0
658 B 50ms
44ms XHR
text/plain 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.io/cdn-cgi/challenge-platform/h/b/jsd/r/8d0e806d8fd26991
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

cf-ray: 8d0e8075fab06991-PHL
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 11 Oct 2024 11:27:35 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

POST
H3 204 rum
risu.io/cdn-cgi/ 0
135 B 41ms
38ms XHR
text/plain 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://risu.io/Cki0P

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8d0e8075fabd6991-PHL
access-control-allow-origin: https://risu.io
date: Fri, 11 Oct 2024 11:27:35 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H2

204

https://www.google-analytics.com/g/collect?v=2&tid=G-H814P3QJ03&gtm=45je4a90v883701885z8812733088za200zb812733088&_p=1728646054957&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686685&cid=14478...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1447825405.1728646055&dbk=17523738458366535002&dma=0&en=page_view&gtm=45je4a90v883701885z8812733088za200zb812733088&npa...

0
0

65ms
65ms

Fetch
text/plain

2607:f8b0:400d:c0b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1447825405.1728646055&dbk=17523738458366535002&dma=0&en=page_view&gtm=45je4a90v883701885z8812733088za200zb812733088&npa=0&tid=G-H814P3QJ03&dl=https%3A%2F%2Frisu.io%3F
Protocol: H2
Server: 2607:f8b0:400d:c0b::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://risu.io/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 11 Oct 2024 11:27:35 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1447825405.1728646055&dbk=17523738458366535002&dma=0&en=page_view&gtm=45je4a90v883701885z8812733088za200zb812733088&npa=0&tid=G-H814P3QJ03&dl=https%3A%2F%2Frisu.io%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 11:27:35 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

POST
H2 200 collect
www.google-analytics.com/j/ 15 B
428 B 42ms
42ms XHR
text/plain 2607:f8b0:400d:c0b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1223647447&t=pageview&_s=1&dl=https%3A%2F%2Frisu.io%2FCki0P&ul=en-us&de=UTF-8&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=452836175&gjid=263437243&cid=1447825405.1728646055&tid=UA-146086888-1&_gid=2031445649.1728646055&_r=1&_slc=1&gtm=45He4a90n81MR8WJDJv812733088za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&z=493503704

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::65 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://risu.io/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 11:27:35 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://risu.io
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H3 200 js
www.googletagmanager.com/gtag/ 272 KB
96 KB 63ms
63ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://risu.io/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 11 Oct 2024 11:27:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 11:27:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97832
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
analytics.google.com/g/ 0
0 261ms
99ms Fetch
text/plain 2607:f8b0:400d:c04::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-ZH634PL121&gtm=45je4a90v9134562597za200&_p=1728646054957&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101671035~101686685&ul=en-us&sr=1600x1200&cid=1447825405.1728646055&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Frisu.io%2FCki0P&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&sid=1728646055&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1905
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c04::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://risu.io/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://risu.io
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 11:27:35 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
548 B 178ms
48ms Ping
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZH634PL121&cid=1447825405.1728646055&gtm=45je4a90v9134562597za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101671035~101686685
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://risu.io/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://risu.io
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 11:27:35 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 4421 0
0 174ms
60ms Document
text/html 2607:f8b0:400d:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-ZH634PL121&gacid=1447825405.1728646055&gtm=45je4a90v9134562597za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686685&z=954251618

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Oct 2024 11:27:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Primary Request / Show response
utilitybillsservices.com/ 11 KB
4 KB 710ms
430ms Document
text/html 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Requested by

Host: inclinecliff.com
URL: https://inclinecliff.com/0/0/0/50ee73fa0b9b417c3fbc116e8f759435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba83bede5179177a4c94a9e156758ea78d2ea702d969923b0fe22d616d294d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://inclinecliff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8d0e807eaf65c34d-EWR
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Fri, 11 Oct 2024 11:27:37 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FCfZOLlSSOZRsgGX5ZVwEjXJPKuoF3L2m3HB8wpIAqOYLjn2kiunmx0l%2B8KebhZKeQoefl82PP9c5iyuw9JboWTKTdiuNT5ZN0iszGJ%2FcMaKq9s%2BIi7AmDVSNyoP85%2B4TdihNxPMq4UgszkhdggLDgxsJH4Xxrk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 speculation
utilitybillsservices.com/cdn-cgi/ 128 B
488 B 36ms
33ms Other
application/speculationrules+json 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilitybillsservices.com/cdn-cgi/speculation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://utilitybillsservices.com
Referer: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QhxWNWq49q1hkPW%2F659KdELB46SS7bc4gA%2B9GEfbPbsZ4WcqDAp9oIcD0uxhNh06So7Z2fXyY8n1oZzHcxwRY3moK5BjwqfO34yCWs9O%2Fk3RHtWdbscEFlPmifh4%2FEiDv2NEY3Z5fVmu3YWyFoaOaN1CGXG%2FfKE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0e80815917c34d-EWR
access-control-allow-origin: https://utilitybillsservices.com
alt-svc: h3=":443"; ma=86400
content-length: 128
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 bootstrap.css
utilitybillsservices.com/assets/ 194 KB
28 KB 42ms
40ms Stylesheet
text/css 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://utilitybillsservices.com/assets/bootstrap.css

Requested by

Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fd7f15e18740cacae91badbd1ccb819e431cdb510d8af3eef4510083de2e733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 120536
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SsaYYmB9PiERc9KDAC%2Fx5O3zOEZwFT%2BZEzymvBDSh92F2Etr84FkwnD%2FuCw1q3NfC9Dzca%2Bb86nDaMyl7sqerlhNnKjFyCZYpuXvnZPqPoSFtCWqkWzI9Pze7nkvxACD%2Bm1PAxoGx1ppfAnM86E8GbuQrrgP7qE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 01:58:41 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: text/css
last-modified: Wed, 10 Jul 2024 15:51:47 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d0e80815915c34d-EWR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 common.css
utilitybillsservices.com/assets/ 4 KB
1 KB 53ms
51ms Stylesheet
text/css 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://utilitybillsservices.com/assets/common.css

Requested by

Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d610fcca767aac299e02cf3da944a295922181488d3ca72247aac2d353174fd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 120536
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vmF24693ITBEProskQy5j2z03Yh9GrRRc7bH3Z6XaLUD4QM8TXviQR83knOJcpIvaG%2Bnha6cyXTIbxzuaoy84hJy2VDJZSmWnPS452yhGRnrgXr4d7CYeS5YaxqCbb12JLIrWHve%2Faav8oIcGWyMYuppaomGKWs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 01:58:41 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: text/css
last-modified: Wed, 10 Jul 2024 15:51:47 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d0e80815916c34d-EWR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 158ms
45ms Script
text/javascript 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/

Response headers

content-encoding: gzip
age: 269077
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 08:43:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 08:43:00 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33018
x-xss-protection: 0
server: sffe

GET
H2 200 msg_dynamic_lns.js Show response
utilitybillsservices.com/inc/ 464 B
666 B 53ms
52ms Script
application/javascript 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://utilitybillsservices.com/inc/msg_dynamic_lns.js

Requested by

Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f8c74add0b5905724d47f3de822f2f86ce7cdc6d37b29a7ba99689f920e3918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 120536
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v4p%2FpZn%2Fi%2BW0jIEXA3y%2Fz25f%2FvbgLTOYHbzzmOETZ94YWnAcEuC6E%2F5FrGlYyhetPIglQnucL1N1Zul3y1WUrGTRvfLORX5hg8BrLwxGcDvky9tUDriwHR0u4SgBpUPBgfl6Q04%2Bta8K0KoxDOLtrF5upzEbG6o%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 01:58:41 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 20:30:07 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d0e80815918c34d-EWR
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 wlogo.png
utilitybillsservices.com/assets/ 18 KB
18 KB 52ms
51ms Image
image/png 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://utilitybillsservices.com/assets/wlogo.png

Requested by

Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eca9cf606d4c7ac26ed546896516753c231febbbecb04cdebc4d8e2962902ebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Response headers

cf-cache-status: HIT
age: 58102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n966tfpJr0eYoIQ0t1e6mf0R9YvFoOfQ1mxB01gcVe%2FMf5iAbr4HZCZGSJk%2BvMD6opZYd5aEXq6%2FOtNIZik6J1YTz2xSWs17gceicwMlSIyLkbizC5bELQoY1r%2Ftcq7utsHUEWT9Rm8g1hlOsiXm8nyiMvpb8BY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 19:19:15 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: image/png
last-modified: Wed, 10 Jul 2024 15:51:47 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d0e80816921c34d-EWR
accept-ranges: bytes
content-length: 18460
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 willow_girl.png
utilitybillsservices.com/assets/ 518 KB
519 KB 56ms
55ms Image
image/png 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://utilitybillsservices.com/assets/willow_girl.png

Requested by

Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cf62fb002adc962254d17fde51d8e14ab9751dd0992dcc17bb39d7551434677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Response headers

cf-cache-status: HIT
age: 120535
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bZXwCV0qHgltCOoQQX52shCI0NDmabjnGRubUcCTXmMF%2FtnylhVnHGm%2Fd%2F%2BpwJnUJUhVaTYKdupCFy2bfzXvH%2BTiHUVKPi1HEFoP41xBIHyYAZSMZmIOcx8DN7vlRk3paQjxJmfPN3QwDl9VXTjoOADVDZHCrO4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 01:58:41 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: image/png
last-modified: Wed, 10 Jul 2024 15:51:47 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d0e80816925c34d-EWR
accept-ranges: bytes
content-length: 530906
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 ico1.png
utilitybillsservices.com/assets/ 2 KB
3 KB 37ms
37ms Image
image/png 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://utilitybillsservices.com/assets/ico1.png

Requested by

Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fde50a11e6dd657948aec1505df026196cde47938b20419565d46862a313064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Response headers

cf-cache-status: HIT
age: 120535
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e5N5%2FsUZa3xnXIenGTdo2RgGhUVe4PRgaRjtXuO4arDHta%2BMoNs%2F0ac1YqkiI4EoUnDzAmS2BSRnxVQLhuI5G828LjXq%2FF0Vvdd59pnHRH80Hgk%2FlXfrQCA4d6WlRsZ4LNMF9r3iXkklGvjXXqDgVLOrpuySrwc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 01:58:42 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: image/png
last-modified: Wed, 10 Jul 2024 15:51:47 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d0e8081b95bc34d-EWR
accept-ranges: bytes
content-length: 2369
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ico2.png
utilitybillsservices.com/assets/ 4 KB
4 KB 42ms
42ms Image
image/png 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://utilitybillsservices.com/assets/ico2.png

Requested by

Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4122f447e5ddd50fa0edb062d5f52c9bce19e8148aeb7d87ab568865e7a6ff48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Response headers

cf-cache-status: HIT
age: 120535
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D2D6DJfSKpSl7MEolCg6VYITSFQFw1sKYPKP6v1v5qLR8oGKPev2qnFEbErsG6ZU5x%2FfXgMwgrd%2F%2Fpu61vL2jRXjaAiDoGjfJt460u6UY%2BqLu9xV55V1807Nj%2FVHOkMZ4zNHceta1ABlmzLva%2BCTIspgwsqHmP0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 01:58:42 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: image/png
last-modified: Wed, 10 Jul 2024 15:51:47 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d0e8081ff57423d-EWR
accept-ranges: bytes
content-length: 3844
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ico3.png
utilitybillsservices.com/assets/ 14 KB
14 KB 39ms
39ms Image
image/png 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://utilitybillsservices.com/assets/ico3.png

Requested by

Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6f8d8106a82f3d701df0dd06fe40ca5bb6e8390fe8b17f7ccc6057ee9453a27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Response headers

cf-cache-status: HIT
age: 120535
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VgI4Otr27EaFt1ncS0y2aUwbHbFjINlZ3eUq0ugLIL5KUBRA%2BcbROFuktgt4vNxpMZRA%2FRtgLFokDSgOYfLGEU2s9CJM0NZxyXsocmVwyd6XQaXQuI8AnV9Ih4JqvSdJbtqEwU3Ix9CYolpPaxYHaO9lbI4yKjU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 01:58:42 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: image/png
last-modified: Wed, 10 Jul 2024 15:51:47 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d0e80825fae423d-EWR
accept-ranges: bytes
content-length: 14239
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 percent.png
utilitybillsservices.com/assets/ 131 KB
131 KB 44ms
43ms Image
image/png 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://utilitybillsservices.com/assets/percent.png

Requested by

Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c10136df6491da9e05d8e3d6a691647d96295b2fe18ae4e8cc9077f96a65b64e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Response headers

cf-cache-status: HIT
age: 120535
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dtUlimYJY0fNQusjgSihd9V1ptrLMBx7KhXorUQk%2FJkgrwtku%2BbJE1wt8ntSI0WN0qXovARkMeYMznEx6CWnx84Nd5GYH9DghaaIl2dF2X7U0xPXEF47f1EHm2BP8sWOKR%2B8pWFEJAlr9kP6nWIdWMamwF%2FWL2E%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 01:58:42 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: image/png
last-modified: Wed, 10 Jul 2024 15:51:47 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d0e80827fcb423d-EWR
accept-ranges: bytes
content-length: 133773
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 willow_am.png
utilitybillsservices.com/assets/ 321 KB
322 KB 88ms
87ms Image
image/png 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://utilitybillsservices.com/assets/willow_am.png

Requested by

Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce1ce4e048e0a0e94a501211ff97a5921d4f7881051f98b8307eef735f42be41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Response headers

cf-cache-status: HIT
age: 120535
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6tgI5CVuA12Z1%2FkWCB7faPYHy%2Fz0MjVLQ9oqexd3HTkxnrdko2HTji0b2U6D1wydTF0MlPlBVzMKww7dNWD8cXY5UzxM9Yfi6UhkLQuX5IflgAOLJRbd9UuQywgszWDa1erI4Cx0tYdwwXGc%2Fng90ofUL42hG4Q%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 01:58:42 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: image/png
last-modified: Wed, 10 Jul 2024 15:51:47 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d0e80828fdc423d-EWR
accept-ranges: bytes
content-length: 329004
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 phone.png
utilitybillsservices.com/assets/ 4 MB
4 MB 146ms
144ms Image
image/png 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://utilitybillsservices.com/assets/phone.png

Requested by

Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49d6cd21e1d9231895690445488f65a9a30e81b921c6b674ca5cf506958f7889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Response headers

cf-cache-status: HIT
age: 120535
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=heFvCF3DtmtK47hyxXGCGb53M%2Bb9M5REfSZcBsN6jQ3IgKvlg3Fx4bIDOAUbPMxPPTyJTBmRIn5B16RM%2B0Ql58UmJ%2FiL0sZl43v7oxY2pvS1r7BD6%2B3%2BnhCmDYy5UCI4JQb%2B35XBl8W0vR45Vk3SiQLxe1xm4Ws%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 01:58:42 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: image/png
last-modified: Wed, 10 Jul 2024 15:51:47 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d0e80828fdd423d-EWR
accept-ranges: bytes
content-length: 4448045
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 cashflow.png
utilitybillsservices.com/assets/ 4 KB
4 KB 554ms
552ms Image
image/png 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://utilitybillsservices.com/assets/cashflow.png

Requested by

Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bab9166d08d132c482ff609e141296e802d3f10a29c15862f219a811142c6c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Response headers

cf-cache-status: HIT
age: 120535
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hurlSJm40YsZjCZkXgh7%2Fjsc75ZK11jmjhyn%2BS7OTAQALzDIZNEAAZcCsmHfiPVxrYQ6IM1lw1VvKd%2FN9kCTDm55h1qAGPl31dwX0ZBsiIfI65LYrmxljvOOwSmoYI%2FH6YFRlpsCwThJomip%2F9naHW7mYkCR87I%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 01:58:42 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: image/png
last-modified: Wed, 10 Jul 2024 15:51:47 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d0e80828fdf423d-EWR
accept-ranges: bytes
content-length: 3625
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 calculator.png
utilitybillsservices.com/assets/ 2 KB
3 KB 555ms
553ms Image
image/png 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://utilitybillsservices.com/assets/calculator.png

Requested by

Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80f3616b2a1ffa819d61c30329001ddfb6653d5f0f8aa10e5cfdda00617eb194

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Response headers

cf-cache-status: HIT
age: 120535
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DAVilj7dOjY14Cy8vI9rws%2BeYhIfXVpN9Q%2BJXjfc9bggul9mHe%2FUERrTeuZNwzNllsKr%2BrutqgsjqzCBoKuvcs%2BPhYM0q6UVGlvTfNlS3xpqGGC0rWJ%2Btb8Wonh4BxtYSpEtdkxWCdZ%2BTXg8ky%2FXhyaivLwGZPU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 01:58:42 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: image/png
last-modified: Wed, 10 Jul 2024 15:51:47 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d0e80828fe0423d-EWR
accept-ranges: bytes
content-length: 2299
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 money.png
utilitybillsservices.com/assets/ 2 KB
3 KB 556ms
554ms Image
image/png 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://utilitybillsservices.com/assets/money.png

Requested by

Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a9b2a02034fc443d258a48d47edf8dd3e78333f1d47aab4328f33d09df1c78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Response headers

cf-cache-status: HIT
age: 120535
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=un73FZnciSg7evGMOAeBGuncyzaT9eHOCI0xapSp4J6uQpUDYOrdW0KQ03UNrNhLAZdcPRVxzw6aUP%2Bj2xBxrzsW67UzZaoLorDPd%2BGnN9%2BoWovF0KolmPbpYcY4NB2yT%2BKBXxGyulhQaOf5p67yvU%2BwVbdXnK8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 01:58:42 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: image/png
last-modified: Wed, 10 Jul 2024 15:51:47 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d0e80828fe1423d-EWR
accept-ranges: bytes
content-length: 2249
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 calendar.png
utilitybillsservices.com/assets/ 3 KB
4 KB 555ms
553ms Image
image/png 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://utilitybillsservices.com/assets/calendar.png

Requested by

Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a83ef3f0b2756b96856c36713839bd70c0726407384134ac433e6a6df5c458b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Response headers

cf-cache-status: HIT
age: 120535
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2B5ke8bHGioj%2FoS3rq0bEzadUiY6dsLyvQe%2ByQcXa0XiIuxUTy3rgi6K0vLlC3F5MUjCeak9NSRx7%2FxKpJDkIvJTloDwq77NNsM1n8pVW8Cu24U0bMzwG5YYE4feKWrv%2FLtyGTixbu3fNasXp1YYvsgiZ%2BO2uGY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 01:58:42 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: image/png
last-modified: Wed, 10 Jul 2024 15:51:47 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d0e80828fe2423d-EWR
accept-ranges: bytes
content-length: 3153
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 logos.png
utilitybillsservices.com/assets/ 91 KB
92 KB 556ms
554ms Image
image/png 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://utilitybillsservices.com/assets/logos.png

Requested by

Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac7876a7d5d391f6e266dda2952c636c6050cb1302077aecb7138bb19d5ce202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Response headers

cf-cache-status: HIT
age: 120535
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a60qs8Pu0fR2vofmt%2Fv23uNgmE6mEmqrsVs%2BTRqFiCHqubYqf1eUbRnJ9RU7nxhki4%2F%2Frxa0xQdqJtIa60JVd3Sg2aKlOXsYi9m%2BRHkxnHZasfq60kYQJdkjrPPYiIBIgxgQmER6eZJn6JWtg5b8lVoNsBSqbrc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 01:58:42 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: image/png
last-modified: Wed, 10 Jul 2024 15:51:47 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d0e80828fe3423d-EWR
accept-ranges: bytes
content-length: 93344
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 6081bf27dc8abe001068b44a Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 95 KB
20 KB 353ms
183ms Script
application/javascript 3.166.192.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/6081bf27dc8abe001068b44a
Requested by: Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/inc/msg_dynamic_lns.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.166.192.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-166-192-81.phl51.r.cloudfront.net
Software: /
Resource Hash: 73e5e6e7be3bde54ec184964d5999017c6f0024ecbbb7c336e9a87be63afd2f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/

Response headers

cache-control: no-cache
content-encoding: gzip
via: 1.1 e4af9568d83dfb700e402ade6250ba86.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: qqVKDtQN2NaTWTPGKonYvln-ttC21u6Ya7XN4Kn6Fxlws7BjCjadEQ==
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
x-amz-cf-pop: PHL51-P2

GET
H3 200 curva.png
utilitybillsservices.com/assets/ 2 KB
3 KB 546ms
546ms Image
image/png 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://utilitybillsservices.com/assets/curva.png

Requested by

Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2205645083333b38c7033eba9d271d76effa4fbb52e841a023f8191142f8e38d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Response headers

cf-cache-status: HIT
age: 140727
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w2jQAL3pE3ktxm9WH%2FSCTTNsIF1MCw%2Bon77pqyH47wwmwE80BCva1xBzrpdpoxxTcHVFgqrXVIl1z%2BdofgM4utpXs1pemxf81tOJsBI0NsRR%2Fedwcih44YkP0GXdEdl2AFeOmOC5ul0k2hFq5DplLYms0wgJzPc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 20:22:10 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: image/png
last-modified: Wed, 10 Jul 2024 15:51:47 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d0e8082aff6423d-EWR
accept-ranges: bytes
content-length: 2271
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 dots.png
utilitybillsservices.com/assets/ 122 KB
123 KB 547ms
546ms Image
image/png 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://utilitybillsservices.com/assets/dots.png

Requested by

Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c435203fab547b60726c46354c89644ce10b43933d0fdc7177b0b6c3bba6f5b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Response headers

cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0k0c57jzVVHzxTJSHxMKJl9KwXwCqTwF9UvzT5Q%2FJ1PMKhBveIamOTxQFOniFVOqS8EWAOK25P%2F8RBfRwZlFTCLrpzZoT6Kuas5sE84EQigKmGNbTMR5PzE0ZBJDrIrgHkRu6qZAyYFQY4aCfNw8RWl18O2KYtQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 18 Oct 2024 11:27:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: image/png
last-modified: Wed, 10 Jul 2024 15:51:47 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d0e8082aff9423d-EWR
accept-ranges: bytes
content-length: 125153
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3

200

main.js Show response
utilitybillsservices.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/ Frame 0B42
Redirect Chain

https://utilitybillsservices.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://utilitybillsservices.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?

8 KB
4 KB

33ms
33ms

Script
application/javascript

2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://utilitybillsservices.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?

Requested by

Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Protocol

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9848027b88d35000b6587176e48747518fabe48ed2e791214cde43da489a539a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A565SK2KrJa99k5zyVNSJQkRrSix8R%2FstHbhpxbOdlcsQYMHKpUMQH041qXVQm46mB%2BPhXZbXJxQtlWNFsHSHmWMCzIWQyxB%2Bna60bMdOP24FXLhVfhZ%2FxG1aXQnXZCqscdB8ytMntMSHotyeKZxhg%2FGx4l6l60%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8d0e80862ac8423d-EWR
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:37 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8N6gFHNxYbRUlffVv%2BWcJL6%2BSQgxfsETnE7LyJKQ91C3EEAR0UodzAiTzq0lQijFnBBiPtufM7%2Bl5gqly1G4C3xdmvcVXBqOtqxgW4rspdunRNpXJ82dnQYgLPa9bYZY0byQi21jP3sLrb4Vsc0NlLpAYI5GM4E%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0e80830842423d-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 11 Oct 2024 11:27:37 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 125ms
124ms Fetch
text/html 3.227.99.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/6081bf27dc8abe001068b44a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.99.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-99-211.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key: 6081bf27dc8abe001068b44a
Referer: https://utilitybillsservices.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
content-length: 2
cache-control: no-cache
date: Fri, 11 Oct 2024 11:27:38 GMT
content-type: text/html; charset=utf-8

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 206ms
82ms Preflight 3.227.99.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.99.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-99-211.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://utilitybillsservices.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Fri, 11 Oct 2024 11:27:37 GMT

POST
H3 200 8d0e807eaf65c34d Show response
utilitybillsservices.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 0B42 0
983 B 48ms
43ms XHR
text/plain 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilitybillsservices.com/cdn-cgi/challenge-platform/h/b/jsd/r/8d0e807eaf65c34d
Requested by: Host: utilitybillsservices.com
URL: https://utilitybillsservices.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x7Gm%2FS0FqCDO9172cxDhBCKByunWMJDMDAx2kmJL2rh460MiD6NH2%2B%2FhYJJzWCWUeQFq2j%2FOFZ4M7KgGiSp7b6KjvA%2FLNH0CDvcim4c9JoEBtJv1nW%2FUQev2phDgB68%2FCck1cH8i%2FnSs%2Btbm%2BGN6j6xST2FKfcE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0e80870b77423d-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 11 Oct 2024 11:27:38 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H2 200 hub
api.pushnami.com/scripts/v1/ Frame 4DAF 0
0 179ms
65ms Document
text/html 3.166.192.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/6081bf27dc8abe001068b44a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.166.192.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-166-192-44.phl51.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Referer: https://utilitybillsservices.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 3082
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Fri, 11 Oct 2024 10:36:16 GMT
vary: accept-encoding
via: 1.1 01475ee98faa100145112584fc08f9ae.cloudfront.net (CloudFront)
x-amz-cf-id: 7JqyXG-5VxnsSt9hx0967GBA3mPJpS23wT1ozez1-en849t9ZBx0YA==
x-amz-cf-pop: PHL51-P2
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

GET
H3 200 favicon.png
utilitybillsservices.com/assets/ 44 KB
45 KB 39ms
39ms Other
image/png 2606:4700:3033::ac43:c43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://utilitybillsservices.com/assets/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c43c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24807a093075a7ef2a36f79817c550d91ec5e505b5c5bc72a39a0385763b7c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/?s1=352188&s2=1239122226&s3=7443&s5=&s6=&s7=&s4=1

Response headers

cf-cache-status: HIT
age: 120534
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NfZc6yjymmitUEWiU8fxOgWob2LZab07ogyQYbzXCl%2BVprS9yWfczaRwGGlQmhn8tsmO9upNr4vP5EaUHXCgFMo8Ak5iifw4DXr7EZLyL%2BaljodjGQGdRiUxcQJsuTtCjVFPke%2FQz%2BYpMfgPjDpI%2BTFHqODC0VU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 01:58:44 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 11 Oct 2024 11:27:38 GMT
content-type: image/png
last-modified: Wed, 10 Jul 2024 15:51:47 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d0e8088ad33423d-EWR
accept-ranges: bytes
content-length: 45274
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js Show response
cdn.pushnami.com/js/exp/ 333 KB
334 KB 169ms
30ms Script
application/javascript 13.249.91.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushnami.com/js/exp/psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/6081bf27dc8abe001068b44a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.91.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-91-120.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://utilitybillsservices.com/

Response headers

content-encoding: utf-8
x-amz-version-id: iJVtw0MDnvg5Vkf9zg8GHQyDY6vN4ZdU
etag: "4b9f77845d59f14274d2b8d4b1112ca4"
age: 276
x-cache: Hit from cloudfront
x-amz-cf-id: ovwe0kvDmYvgfFE1BGhNFU6oS6Hmh_ZFsruPn-AzquGW7Fuh-1SX9A==
date: Fri, 11 Oct 2024 11:23:03 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 12 Aug 2024 17:22:56 GMT
via: 1.1 7002831b3049ff1090da3f99329ed2b0.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 340965
x-amz-cf-pop: JFK52-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

OPTIONS
H2 204 data
psp.pushnami.com/psfp/ Frame 0
0 189ms
72ms Preflight 54.85.103.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/psfp/data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.85.103.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-103-82.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utilitybillsservices.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 11 Oct 2024 11:27:39 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 201 data Show response
psp.pushnami.com/psfp/ 27 B
187 B 33ms
32ms Fetch
application/json 54.85.103.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/psfp/data
Requested by: Host: cdn.pushnami.com
URL: https://cdn.pushnami.com/js/exp/psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.85.103.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-103-82.compute-1.amazonaws.com
Software: / Express
Resource Hash: 872f35c442fb45b92953ee6dc5f980717f993d018097ccc0b289ae206b7b129c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/octet-stream
Referer: https://utilitybillsservices.com/

Response headers

access-control-allow-origin: *
content-length: 27
date: Fri, 11 Oct 2024 11:27:39 GMT
etag: W/"1b-D4PNCIGKzvn9yhfD0QiKW4O6wuQ"
content-type: application/json; charset=utf-8
x-powered-by: Express

OPTIONS
H2 204 psp
psp.pushnami.com/api/ Frame 0
0 31ms
31ms Preflight 54.85.103.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.85.103.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-103-82.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://utilitybillsservices.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: key
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 11 Oct 2024 11:27:39 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
152 B 111ms
109ms Fetch
text/html 54.85.103.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/6081bf27dc8abe001068b44a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.85.103.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-103-82.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key: 6081bf27dc8abe001068b44a
Referer: https://utilitybillsservices.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json, text/plain, */*
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
content-length: 2
date: Fri, 11 Oct 2024 11:27:39 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/html; charset=utf-8
x-powered-by: Express

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
risu.io/	1970-01-21 09:46:46	Name: ahoy_visitor Value: 5bee9f10-5a10-469b-8101-30383eb800d8
risu.io/	1970-01-21 00:10:46	Name: ahoy_visit Value: b347fa5c-d095-4510-ac3f-2c8f35cb3d07
risu.io/	1969-12-31 23:59:59	Name: _risu_session Value: EXiKvnBe0Pd%2BTiLiWeWh1qSHgpYkejLIvJqgVXO3cak5jyk2n84F2%2Bg2YIGMJh7UCiu%2BT9Xw7W0zBxLnKIpjrISWt%2FzYoyRNpc7V--ZcjlAF2hu%2Fj%2FSnMv--aXpggDUPgfl9QxV6yGDGlA%3D%3D
.risu.io/	1970-01-21 00:10:47	Name: __cf_bm Value: 8jl5xMLgGWdFORBERD7nAjWQETCxsXEV5SRm6w_Iy9o-1728646054-1.0.1.1-UDu4vtdy4HqWCV_EPSjkHfrV9EXHBBHfYUuncyiMtmpuNFYDW_Eock8okFWsQC5DqjwvnxmXAFJBC6d22xUgoA
.risu.io/	1970-01-21 08:56:22	Name: cf_clearance Value: LVHKDCqiEgVfYZQaGi5tQ1OnqgiLOxhnAT14LxSO2IY-1728646055-1.2.1.1-25kwqegT1UGHcbx2pOOimY1onf2LdXlJKBXGiRHOEklY5j4GtOJbZNpNSO7z4E6pDP7td.sF6HHh6.aMnHtfvVSlCXLhB0QK96CFkKoYuT4s2Ad3Cc2wSI0JSObzam9hzGyHqCEUgC.LuuKAJXF3sylkk5eEloQ80_qmvxPzfuThYJaqvH0SFBSA0q5aj8O2_Jn1dRVmI9Bc8nhn2KgfOhJXnAf7NflqLNpsA_GqdkWki0QjrsjN.5__eMgV.a9YiFubU9RcxHY6WMwbodxVYqKx7WGGTVUdCK3SYu38AoLqBM_LfEnNnJOMG5QRHI0h6dJAr9wMmOhnLgv3AUQKsuL4dLaA3_1uwwuy4fxIb92HVJa4kDj5ju9mhcEHaAq9
.risu.io/	1970-01-21 09:46:46	Name: _ga Value: GA1.2.1447825405.1728646055
.risu.io/	1970-01-21 00:12:12	Name: _gid Value: GA1.2.2031445649.1728646055
.risu.io/	1970-01-21 00:10:46	Name: _gat_UA-146086888-1 Value: 1
.risu.io/	1970-01-21 09:46:46	Name: _ga_ZH634PL121 Value: GS1.2.1728646055.1.0.1728646055.60.0.0
.doubleclick.net/	1970-01-21 00:10:46	Name: test_cookie Value: CheckForPermission
inclinecliff.com/	1970-01-21 00:55:20	Name: uid7443 Value: 1239122226-20241011072736-7c50f29e131f0b566273850ddb1a0fef-0
.risu.io/	1970-01-21 09:46:46	Name: _ga_H814P3QJ03 Value: GS1.1.1728646055.1.0.1728646056.0.0.0
utilitybillsservices.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: b012eaa855f3ccf2d4089b044fd50090
.utilitybillsservices.com/	1970-01-21 08:56:22	Name: cf_clearance Value: ZPvefiidYmRzwaoFS9wxB5dWrHeGbbzA08EM7I67Gmk-1728646058-1.2.1.1-Sd7u9jO2vvI962q.tOmf4PW8OWf8u89_b4n0IgsXCAFuPz4_OY8JJu7YV2HI00a7ZcgZAZu_D.Wg0brNOa9gH1ksypKieJpJFJ_XakQGBry1rE9VQ2HVgLsgz5VPs.EtQIzzkLAqLhs_jeK4_Y8KPrRn0dLDafyKFjizBWGCoxmRGaYrvv7OBb4zvj7NtMwS180e.bfEJthdkN7F9v4LJkNRyFhcWNhRbaAmkeK.NIWmoQxB5lPXWFTWQ8_iiAt6.98UBCvZrEjkn2bx677AAStehX0_1YnfAg2rmj7n4wLNCLx8MKnR6CXDniQoS6uDsky2R57zZt46xk7Lv8dilK3pRv7A.P1orxS9.FEsO8W0tOP6RbpTADLe_WW52YWx

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
api.pushnami.com
assets.risu.io
cdn.pushnami.com
inclinecliff.com
psp.pushnami.com
risu.io
static.cloudflareinsights.com
stats.g.doubleclick.net
td.doubleclick.net
trc.pushnami.com
utilitybillsservices.com
www.google-analytics.com
www.googletagmanager.com
13.249.91.120
2606:4700:3033::ac43:c43c
2606:4700:3108::ac42:2afe
2606:4700::6810:4f49
2607:f8b0:4004:c0b::5f
2607:f8b0:4004:c19::61
2607:f8b0:4004:c1b::9d
2607:f8b0:400d:c04::8b
2607:f8b0:400d:c0b::65
2607:f8b0:400d:c0b::9d
3.166.192.44
3.166.192.81
3.227.99.211
31.222.255.6
34.98.102.251
54.85.103.82
06c268756582b4fdb9bc05d7ef93fde94ca04617b9098aa746744a4d4c3cb8c1
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
140d23c26269417067ca5c36ad591e3a13da19b3854209bc82ea477cc54e9986
1d9a6f8e75e44329895e57e783f80642e82270800eb7bccf652b35dd6109cec1
2205645083333b38c7033eba9d271d76effa4fbb52e841a023f8191142f8e38d
24807a093075a7ef2a36f79817c550d91ec5e505b5c5bc72a39a0385763b7c3f
2bab9166d08d132c482ff609e141296e802d3f10a29c15862f219a811142c6c3
2fd7f15e18740cacae91badbd1ccb819e431cdb510d8af3eef4510083de2e733
3a9b2a02034fc443d258a48d47edf8dd3e78333f1d47aab4328f33d09df1c78b
4122f447e5ddd50fa0edb062d5f52c9bce19e8148aeb7d87ab568865e7a6ff48
49d6cd21e1d9231895690445488f65a9a30e81b921c6b674ca5cf506958f7889
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5fde50a11e6dd657948aec1505df026196cde47938b20419565d46862a313064
73e5e6e7be3bde54ec184964d5999017c6f0024ecbbb7c336e9a87be63afd2f1
7cf62fb002adc962254d17fde51d8e14ab9751dd0992dcc17bb39d7551434677
80f3616b2a1ffa819d61c30329001ddfb6653d5f0f8aa10e5cfdda00617eb194
872f35c442fb45b92953ee6dc5f980717f993d018097ccc0b289ae206b7b129c
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8a3660303bb5ece3c13652f810df646adf805c4c68897e807e491b7d30704415
9848027b88d35000b6587176e48747518fabe48ed2e791214cde43da489a539a
9a83ef3f0b2756b96856c36713839bd70c0726407384134ac433e6a6df5c458b
9f8c74add0b5905724d47f3de822f2f86ce7cdc6d37b29a7ba99689f920e3918
ac7876a7d5d391f6e266dda2952c636c6050cb1302077aecb7138bb19d5ce202
ba83bede5179177a4c94a9e156758ea78d2ea702d969923b0fe22d616d294d8e
c10136df6491da9e05d8e3d6a691647d96295b2fe18ae4e8cc9077f96a65b64e
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c435203fab547b60726c46354c89644ce10b43933d0fdc7177b0b6c3bba6f5b3
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce1ce4e048e0a0e94a501211ff97a5921d4f7881051f98b8307eef735f42be41
d610fcca767aac299e02cf3da944a295922181488d3ca72247aac2d353174fd7
d6f8d8106a82f3d701df0dd06fe40ca5bb6e8390fe8b17f7ccc6057ee9453a27
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9
eca9cf606d4c7ac26ed546896516753c231febbbecb04cdebc4d8e2962902ebf

utilitybillsservices.com Open in urlscan Pro 2606:4700:3033::ac43:c43c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

94 %HTTPS

56 %IPv6

10 Domains

15 Subdomains

16 IPs

2 Countries

6379 kBTransfer

7240 kBSize

14 Cookies

1 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

utilitybillsservices.com Open in urlscan Pro
2606:4700:3033::ac43:c43c Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

94 %
HTTPS

56 %
IPv6

10
Domains

15
Subdomains

16
IPs

2
Countries

6379 kB
Transfer

7240 kB
Size

14
Cookies

52 HTTP transactions
0 data transactions