urlscan.io logo urlscan.io
SecurityTrails logo

7r6.com Open in urlscan Pro
2606:4700:30::6812:3f03  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bit.ly/34bvzwd
Effective URL: http://7r6.com/eWPTX-1
Submission: On December 31 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 15 domains to perform 40 HTTP transactions. The main IP is 2606:4700:30::6812:3f03, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is 7r6.com.
This is the only time 7r6.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-PR...)
7 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 35.190.50.89 15169 (GOOGLE)
6 88.85.66.163 35415 (WEBZILLA)
4 88.85.82.189 35415 (WEBZILLA)
1 142.91.159.202 7979 (SERVERS)
6 78.140.191.85 35415 (WEBZILLA)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 188.42.160.59 35415 (WEBZILLA)
40 15
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD - Google LLC, US)
PTR: bit.ly
bit.ly
7    2606:4700:30::6812:3f03 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
7r6.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
3    35.190.50.89 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 89.50.190.35.bc.googleusercontent.com
www.predictivdisplay.com
6    88.85.66.163 (Netherlands)

ASN35415 (WEBZILLA, NL)
native.propellerclick.com
4    88.85.82.189 (Netherlands)

ASN35415 (WEBZILLA, NL)
deloplen.com
1    142.91.159.202 (Netherlands)

ASN7979 (SERVERS - Servers.com, Inc., US)
presbanise.pw
6    78.140.191.85 (Netherlands)

ASN35415 (WEBZILLA, NL)
pushqwer.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.recaptcha.net
3    2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
2    2606:4700::6811:c66b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnondemand.org
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com
1    2606:4700:30::6812:3647 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ufpcdn.com
2    2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    188.42.160.59 (Amsterdam, Netherlands)

ASN35415 (WEBZILLA, NL)
my.rtmark.net
Domain Requested by
7 7r6.com 7r6.com
6 pushqwer.com 7r6.com
pushqwer.com
6 native.propellerclick.com 7r6.com
native.propellerclick.com
4 deloplen.com 7r6.com
deloplen.com
3 fonts.gstatic.com 7r6.com
3 www.predictivdisplay.com 7r6.com
www.predictivdisplay.com
2 www.google.com www.gstatic.com
2 cdnondemand.org 7r6.com
1 my.rtmark.net pushqwer.com
1 ufpcdn.com 7r6.com
1 www.gstatic.com www.recaptcha.net
1 www.recaptcha.net 7r6.com
1 presbanise.pw 7r6.com
1 fonts.googleapis.com 7r6.com
1 bit.ly 1 redirects
0 onclicksuper.com Failed 7r6.com
40 16

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
Subject Issuer Validity Valid
misc.google.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
*.pushqwer.com
Let's Encrypt Authority X3		 2019-12-20 -
2020-03-19		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
www.google.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
my.rtmark.net
Let's Encrypt Authority X3		 2019-12-09 -
2020-03-08		 3 months crt.sh

This page contains 9 frames:

Primary Page: http://7r6.com/eWPTX-1
Frame ID: C98322A5B29AB39778402F803550CFEA
Requests: 33 HTTP requests in this frame

Frame: http://www.predictivdisplay.com/a/display.php?r=2344503&treqn=334297044&runauction=1&crr=0061148f5fd3174a7381tHPhIy4i5qp75H7s_Kv6uuumunvmunfnvnProiKt883e641af22640da1706&rtid=5e0b59abaf68f&cbrandom=0.9172005367176101&cbtitle=R7%20UrlShort&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=earn%20money%2C%20short%20link%2C%20get%20paid&cbref=
Frame ID: 12F1B02CAA09901337A22F80F134C4A1
Requests: 1 HTTP requests in this frame

Frame: http://www.predictivdisplay.com/a/display.php?r=2344503&treqn=334297044&runauction=1&crr=0061148f5fd3174a7381tHPhIy4i5qp75H7s_Kv6uuumunvmunfnvnProiKt883e641af22640da1706&rtid=5e0b59abaf68f&cbrandom=0.03807202805906251&cbtitle=R7%20UrlShort&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=earn%20money%2C%20short%20link%2C%20get%20paid&cbref=
Frame ID: E9B4803CBECA6CF91B29BE79477BDB0E
Requests: 1 HTTP requests in this frame

Frame: http://deloplen.com/fac.php
Frame ID: 993E9EF2F3E43CB9E8091534DB18D2FD
Requests: 1 HTTP requests in this frame

Frame: http://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 7CE795A182812147A0CEB754F8C29DAC
Requests: 1 HTTP requests in this frame

Frame: http://deloplen.com/fac.php
Frame ID: E8E32115B450F9E2C37C31846D80B4D5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfxmIcUAAAAAJeWRBIQSR_fckBSYUcmXVOeqJ97&co=aHR0cDovLzdyNi5jb206ODA.&hl=en&v=mhgGrlTs_PbFQOW4ejlxlxZn&size=normal&cb=xjar62be2gj4
Frame ID: 31CDCE95C2CC83EF5A0DE5577E2D3825
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=mhgGrlTs_PbFQOW4ejlxlxZn&k=6LfxmIcUAAAAAJeWRBIQSR_fckBSYUcmXVOeqJ97&cb=161noudtfqlk
Frame ID: 79EDC77DEC00DB032AD8587AC6ECD0A4
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: D961DF2280AB371F165981B85F504556
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://bit.ly/34bvzwd HTTP 301
    http://7r6.com/eWPTX-1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

40
Requests

25 %
HTTPS

53 %
IPv6

15
Domains

16
Subdomains

15
IPs

3
Countries

692 kB
Transfer

1637 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/34bvzwd HTTP 301
    http://7r6.com/eWPTX-1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set eWPTX-1
7r6.com/
Redirect Chain
  • http://bit.ly/34bvzwd
  • http://7r6.com/eWPTX-1
27 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
2606:4700:30::6812:3f03 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d84a1e1a2839eaab9e463d40e593ab689a21d533465bf71352bd834fb9da91a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
7r6.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 14:22:35 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d84f3d73ebb0ef7e972d38a4d18cd677a1577802155; expires=Thu, 30-Jan-20 14:22:35 GMT; path=/; domain=.7r6.com; HttpOnly; SameSite=Lax AppSession=jc30qclijgodo2e0kskntjk0n1; path=/; HttpOnly csrfToken=5b94f1e3831ad3fee217fcdb426efcced1c1111bdbd9c91de11097e93553a227ada8868260c9afdeb81e4a281c59921ad66e5f9d5cfe87ab15dbee4ff87c6d33; path=/; HttpOnly
Vary
Accept-Encoding
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Cache
HIT from Backend
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
54dce80f5bb1c281-FRA
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 31 Dec 2019 14:22:35 GMT
Content-Type
text/html; charset=utf-8
Content-Length
109
Cache-Control
private, max-age=90
Location
http://7r6.com/eWPTX-1
Set-Cookie
_bit=jbvemz-58115a007ae8b95a57-00z; Domain=bit.ly; Expires=Sun, 28 Jun 2020 14:22:35 GMT
Via
1.1 google
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
dc026efee3fb257f51e7e7ad8b3d2df4558a328b746252c568aaa10050e202af
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 14:22:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Dec 2019 14:22:35 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Tue, 31 Dec 2019 14:22:35 GMT
styles.min.css
7r6.com/modern_theme/build/css/ 		187 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://7r6.com/modern_theme/build/css/styles.min.css?ver=6.3.0
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
2606:4700:30::6812:3f03 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b386764e2b714f6fe617daaedd1946a7161fc2ae5f9bd0bf606f76287121ee1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 14:22:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
Age
2773
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 02 Sep 2019 21:32:44 GMT
Server
cloudflare
ETag
W/"2ec69-59198b6681dd4"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
54dce810ad6cc2e5-FRA
display.php
www.predictivdisplay.com/a/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.predictivdisplay.com/a/display.php?r=2344503
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
35.190.50.89 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
89.50.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
ae0069f9d5d44701df27646e333c8474c53d215d6de5550030d3ae04207171c4

Request headers

Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 14:22:35 GMT
Via
1.1 google
Referrer-Policy
no-referrer
Server
openresty
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Content-Encoding
gzip
Link
<//www.predictivdisplay.com>; rel=dns-prefetch,<//www.predictivdisplay.com>; rel=preconnect
1
native.propellerclick.com/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://native.propellerclick.com/1?z=2620132&eid=
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
88.85.66.163 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
ebc41cd8703a4b67c7802979274cd702baf1b4d0e01435d280c55bffed83198d

Request headers

Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Dec 2019 14:22:35 GMT
Content-Encoding
gzip
X-Sc
qKhCGOrYvxIZlIRyha4jUr9bDDf_Dh5WypwjNG4C20guKPCSj_HbLI3pT0U5GasMHZmOsPZKTswhkAFiyuhguai5SCE=
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/javascript
Access-Control-Allow-Origin
Access-Control-Expose-Headers
X-Sc
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires
Mon, 26 Jul 1997 05:00:00 GMT
apu.php
deloplen.com/ 		98 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://deloplen.com/apu.php?zoneid=2620135
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
88.85.82.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
bd086405a719f0f50fba261ea9891e12cb6627bae00412f1f6a0d9bb476b2034
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 14:22:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-Trace-Id
a32775f91aa4de2cad5a92419ee7ff24
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Authorization
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Expires
Tue, 11 Jan 1994 10:00:00 GMT
11198
presbanise.pw/rrzrEbvfFcH/ 		5 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://presbanise.pw/rrzrEbvfFcH/11198
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
142.91.159.202 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

Request headers

Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 14:22:35 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
http://7r6.com
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
ntfc.php
pushqwer.com/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pushqwer.com/ntfc.php?p=2620133
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
78.140.191.85 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
64d8c805702fb471b2fa9519165481ff18ebdc984cc41f4f12f749ad7ce3519a

Request headers

Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Dec 2019 14:22:35 GMT
Content-Encoding
gzip
Content-Type
application/javascript; charset=utf-8
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Max-Age
86400
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Mon, 26 Jul 1997 05:00:00 GMT
ads.js
7r6.com/js/ 		191 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
http://7r6.com/js/ads.js
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
2606:4700:30::6812:3f03 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 14:22:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
REVALIDATED
Last-Modified
Mon, 02 Sep 2019 21:32:35 GMT
Server
cloudflare
ETag
W/"bf-59198b5da44cb"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
54dce810bfb9c281-FRA
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
script.min.js
7r6.com/modern_theme/build/js/ 		202 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://7r6.com/modern_theme/build/js/script.min.js?ver=6.3.0
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
2606:4700:30::6812:3f03 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 14:22:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
Age
2773
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 02 Sep 2019 21:32:59 GMT
Server
cloudflare
ETag
W/"32956-59198b7424268"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
54dce810bd9dc2e5-FRA
api.js
www.recaptcha.net/recaptcha/ 		797 B
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
81558315292f8e7bc161bb57bf26d2efe29ad87e92145e0d85e1797ea03aa4a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 14:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
487
x-xss-protection
1; mode=block
expires
Tue, 31 Dec 2019 14:22:35 GMT
header.jpg
7r6.com/modern_theme/build/img/ 		80 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://7r6.com/modern_theme/build/img/header.jpg
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
2606:4700:30::6812:3f03 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c8b1a83b2e623562fa3691de48714809313208b7a25b3940524a2e8bc4dfadc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://7r6.com/modern_theme/build/css/styles.min.css?ver=6.3.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 14:22:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
Age
2773
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 02 Sep 2019 21:32:53 GMT
Server
cloudflare
ETag
W/"13f48-59198b6f2a34b"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=14400
CF-RAY
54dce810ee08c2e5-FRA
7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v19/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/muli/v19/7Auwp_0qiz-afTLGLQjUwkQ.woff2
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Origin
http://7r6.com

Response headers

Date
Thu, 05 Dec 2019 19:48:06 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Dec 2019 19:00:42 GMT
Server
sffe
Age
2226869
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
24884
X-XSS-Protection
0
Expires
Fri, 04 Dec 2020 19:48:06 GMT
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Origin
http://7r6.com

Response headers

Date
Fri, 22 Nov 2019 01:54:32 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 23 Jul 2019 03:46:48 GMT
Server
sffe
Age
3414483
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
13708
X-XSS-Protection
0
Expires
Sat, 21 Nov 2020 01:54:32 GMT
Cookie set display.php
www.predictivdisplay.com/a/ Frame 12F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://www.predictivdisplay.com/a/display.php?r=2344503&treqn=334297044&runauction=1&crr=0061148f5fd3174a7381tHPhIy4i5qp75H7s_Kv6uuumunvmunfnvnProiKt883e641af22640da1706&rtid=5e0b59abaf68f&cbrandom=0.9172005367176101&cbtitle=R7%20UrlShort&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=earn%20money%2C%20short%20link%2C%20get%20paid&cbref=
Requested by
Host: www.predictivdisplay.com
URL: http://www.predictivdisplay.com/a/display.php?r=2344503
Protocol
HTTP/1.1
Server
35.190.50.89 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
89.50.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Host
www.predictivdisplay.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://7r6.com/eWPTX-1
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://7r6.com/eWPTX-1

Response headers

Server
openresty
Date
Tue, 31 Dec 2019 14:22:35 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
X-Robots-Tag
noindex
Cache-Control
no-store, no-cache, no-transform, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma
no-cache
Link
<//www.predictivdisplay.com>; rel=dns-prefetch,<//www.predictivdisplay.com>; rel=preconnect,<//rdtrck2.com>; rel=dns-prefetch,<//rdtrck2.com>; rel=preconnect
Set-Cookie
acnetwork=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Referrer-Policy
no-referrer
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Content-Encoding
gzip
Via
1.1 google
Cookie set display.php
www.predictivdisplay.com/a/ Frame E9B4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://www.predictivdisplay.com/a/display.php?r=2344503&treqn=334297044&runauction=1&crr=0061148f5fd3174a7381tHPhIy4i5qp75H7s_Kv6uuumunvmunfnvnProiKt883e641af22640da1706&rtid=5e0b59abaf68f&cbrandom=0.03807202805906251&cbtitle=R7%20UrlShort&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=earn%20money%2C%20short%20link%2C%20get%20paid&cbref=
Requested by
Host: www.predictivdisplay.com
URL: http://www.predictivdisplay.com/a/display.php?r=2344503
Protocol
HTTP/1.1
Server
35.190.50.89 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
89.50.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Host
www.predictivdisplay.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://7r6.com/eWPTX-1
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://7r6.com/eWPTX-1

Response headers

Server
openresty
Date
Tue, 31 Dec 2019 14:22:35 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
X-Robots-Tag
noindex
Cache-Control
no-store, no-cache, no-transform, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma
no-cache
Link
<//www.predictivdisplay.com>; rel=dns-prefetch,<//www.predictivdisplay.com>; rel=preconnect,<//rdtrck2.com>; rel=dns-prefetch,<//rdtrck2.com>; rel=preconnect
Set-Cookie
acnetwork=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Referrer-Policy
no-referrer
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Content-Encoding
gzip
Via
1.1 google
apu.php
deloplen.com/ 		98 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://deloplen.com/apu.php?zoneid=2620135
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
88.85.82.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
bb145b5a0d84a0cc3470fac2d63d6e4d920d6b73f92fde47b77296a3f788eb8e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 14:22:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-Trace-Id
5ecaa0b1a1597e2d8a1b075a31803807
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Authorization
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Expires
Tue, 11 Jan 1994 10:00:00 GMT
compatibility.js
cdnondemand.org/script/ 		12 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdnondemand.org/script/compatibility.js
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
2606:4700::6811:c66b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
424c22882d902d767bff802920ee13a2ad43a10a5d80933359e0908c38f9b75c

Request headers

Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 14:22:35 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
1111
X-GUploader-UploadID
AEnB2UrgdZkOAbXMoCRAqD-fCeg-fPWRylx6iDgei-fLniXa5MbUK5gewwwYmSzIjS5gb0uarhpKONdXeeSy99W7wNsB8MIY1A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Last-Modified
Thu, 14 Nov 2019 10:12:19 GMT
Server
cloudflare
ETag
W/"4798f8dea4e1699c741550414944af68"
Vary
Accept-Encoding
x-goog-hash
crc32c=bUD+ww==, md5=R5j43qThaZx0FVBBSUSvaA==
Content-Type
application/javascript
x-goog-generation
1573726339118281
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
12119
CF-RAY
54dce811ccabdff7-FRA
Expires
Tue, 31 Dec 2019 18:22:35 GMT
footer.jpg
7r6.com/modern_theme/build/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://7r6.com/modern_theme/build/img/footer.jpg
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
2606:4700:30::6812:3f03 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c8b789ae1e5ea87c4c39c56405da83433fe91c902932801dfad54e3ecebc3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://7r6.com/modern_theme/build/css/styles.min.css?ver=6.3.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 14:22:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
Age
2773
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 02 Sep 2019 21:32:53 GMT
Server
cloudflare
ETag
W/"33fd-59198b6eaee9b"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=14400
CF-RAY
54dce811b871c2e5-FRA
fontawesome-webfont.woff2
7r6.com/modern_theme/build/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://7r6.com/modern_theme/build/fonts/fontawesome-webfont.woff2
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
2606:4700:30::6812:3f03 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://7r6.com/modern_theme/build/css/styles.min.css?ver=6.3.0
Origin
http://7r6.com

Response headers

Date
Tue, 31 Dec 2019 14:22:35 GMT
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
Age
239
X-Cache
HIT from Backend
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
77160
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 02 Sep 2019 21:32:47 GMT
Server
cloudflare
ETag
"12d68-59198b6899845"
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
54dce811baaac281-FRA
JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Origin
http://7r6.com

Response headers

Date
Thu, 21 Nov 2019 04:31:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 23 Jul 2019 03:47:06 GMT
Server
sffe
Age
3491450
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
13612
X-XSS-Protection
0
Expires
Fri, 20 Nov 2020 04:31:45 GMT
a5b56c645327406d879807dc1c521a37
native.propellerclick.com/27/ 		364 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://native.propellerclick.com/27/a5b56c645327406d879807dc1c521a37
Requested by
Host: native.propellerclick.com
URL: http://native.propellerclick.com/1?z=2620132&eid=
Protocol
HTTP/1.1
Server
88.85.66.163 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
6b280390969f61945ce02fde9420f6d8dffdf3d3154dea3d1184c689a99e6204
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 14:22:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 20 Dec 2019 06:30:01 GMT
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Cache-Control
max-age:290304000, public
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires
Fri, 19 Jan 2080 06:30:01 GMT
38
native.propellerclick.com/42/ 		0
676 B 		Script
General
Check archive.org
Download Go to
Full URL
http://native.propellerclick.com/42/38?z=2620132
Requested by
Host: native.propellerclick.com
URL: http://native.propellerclick.com/1?z=2620132&eid=
Protocol
HTTP/1.1
Server
88.85.66.163 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Dec 2019 14:22:35 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
Access-Control-Expose-Headers
X-Sc
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Content-Length
0
Expires
Mon, 26 Jul 1997 05:00:00 GMT
fac.php
deloplen.com/ Frame 993E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://deloplen.com/fac.php
Requested by
Host: deloplen.com
URL: http://deloplen.com/apu.php?zoneid=2620135
Protocol
HTTP/1.1
Server
88.85.82.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Host
deloplen.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://7r6.com/eWPTX-1
Accept-Encoding
gzip, deflate
Cookie
OAID=9f871b6533794219a9bb7fe0217b70f2; oaidts=1577802155
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://7r6.com/eWPTX-1

Response headers

Server
nginx
Date
Tue, 31 Dec 2019 14:22:35 GMT
Content-Type
text/html; charset=utf8
Content-Length
197
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Pragma
no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
X-Trace-Id
6cf2500aa6620c060f742fd1c51ddd5e
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Timing-Allow-Origin
*
ntfc.php
pushqwer.com/ 		121 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pushqwer.com/ntfc.php?p=2620133&r=ui&swver=3.1.142
Requested by
Host: pushqwer.com
URL: http://pushqwer.com/ntfc.php?p=2620133
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
78.140.191.85 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
46f6b93ff5d6c80a7250bce191aa1a70051a3e6e6e6654a04062235e0a9b8598

Request headers

Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 14:22:35 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Max-Age
86400
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
recaptcha__en.js
www.gstatic.com/recaptcha/releases/mhgGrlTs_PbFQOW4ejlxlxZn/ 		254 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/mhgGrlTs_PbFQOW4ejlxlxZn/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c2cca14e4dbf2994f90b91ef01ec4d6eb6b560b429d028317d624d9b5f4bdcb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 18:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 Dec 2019 05:03:14 GMT
server
sffe
age
1022394
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
92878
x-xss-protection
0
expires
Fri, 18 Dec 2020 18:22:41 GMT
Cookie set identify.html
ufpcdn.com/script/ Frame 7CE7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
2606:4700:30::6812:3647 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
ufpcdn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://7r6.com/eWPTX-1
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://7r6.com/eWPTX-1

Response headers

Date
Tue, 31 Dec 2019 14:22:36 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d7a9a2ada3d3b55b4aa9a1a60a352a4b31577802155; expires=Thu, 30-Jan-20 14:22:35 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax
Last-Modified
Tue, 15 May 2018 06:39:25 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
54dce812d86cdff7-FRA
Content-Encoding
gzip
fac.php
deloplen.com/ Frame E8E3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://deloplen.com/fac.php
Requested by
Host: deloplen.com
URL: http://deloplen.com/apu.php?zoneid=2620135
Protocol
HTTP/1.1
Server
88.85.82.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Host
deloplen.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://7r6.com/eWPTX-1
Accept-Encoding
gzip, deflate
Cookie
OAID=9f871b6533794219a9bb7fe0217b70f2; oaidts=1577802155
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://7r6.com/eWPTX-1

Response headers

Server
nginx
Date
Tue, 31 Dec 2019 14:22:36 GMT
Content-Type
text/html; charset=utf8
Content-Length
197
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Pragma
no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
X-Trace-Id
b300f6079b45eb7b046f43b4717c0aa3
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Timing-Allow-Origin
*
14
native.propellerclick.com/ 		12 B
893 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://native.propellerclick.com/14?rnd=3250245269&z=2620132&tp=zone
Requested by
Host: native.propellerclick.com
URL: http://native.propellerclick.com/27/a5b56c645327406d879807dc1c521a37
Protocol
HTTP/1.1
Server
88.85.66.163 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
7f4762beb1ecd3754bf7de79546042a1a61766c85189e05d413d2da06c740670

Request headers

Referer
http://7r6.com/eWPTX-1
Origin
http://7r6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 31 Dec 2019 14:22:36 GMT
X-Sc
yJfHxI84j8CVyvJqgmVkqqEskUV0GsmOM7agOq0wtOaH8Ul-VNlOG_Al6yiG8Gu6e6StuaHKnt6XDgIXqrADzaqFPpo=
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
http://7r6.com
Access-Control-Expose-Headers
X-Sc
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Content-Length
12
Expires
Mon, 26 Jul 1997 05:00:00 GMT
9
native.propellerclick.com/ 		0
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://native.propellerclick.com/9?z=2620132&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2F7r6.com%2FeWPTX-1&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&sah=1200&drf=&hil=2&ist=0
Requested by
Host: native.propellerclick.com
URL: http://native.propellerclick.com/27/a5b56c645327406d879807dc1c521a37
Protocol
HTTP/1.1
Server
88.85.66.163 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
http://7r6.com
Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Pragma
no-cache
Date
Tue, 31 Dec 2019 14:22:36 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
http://7r6.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires
Mon, 26 Jul 1997 05:00:00 GMT
suurl.php
onclicksuper.com/script/ 		0
0
chrome.js
cdnondemand.org/script/ 		18 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdnondemand.org/script/chrome.js
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
2606:4700::6811:c66b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd185dfbf9ab9c108d634166de89aed49aa428db7b7a50d7eb8e23faf81196ca

Request headers

Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 14:22:36 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
2610
X-GUploader-UploadID
AEnB2Uq3O7XRoRoYiBT_l696OXBYFXNchowmoGIchLVozs4yI39_mU1QgfdM2MB6RVi3gMku5EGF0pkGjKhfWM9CLjFwOyr9wg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Last-Modified
Thu, 31 Oct 2019 10:14:31 GMT
Server
cloudflare
ETag
W/"2990eae17895f67de9f4fbca62475041"
Vary
Accept-Encoding
x-goog-hash
crc32c=hVwIww==, md5=KZDq4XiV9n3p9PvKYkdQQQ==
Content-Type
application/javascript
x-goog-generation
1572516871888329
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
18777
CF-RAY
54dce8141cbddff7-FRA
Expires
Tue, 31 Dec 2019 18:22:36 GMT
anchor
www.google.com/recaptcha/api2/ Frame 31CD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfxmIcUAAAAAJeWRBIQSR_fckBSYUcmXVOeqJ97&co=aHR0cDovLzdyNi5jb206ODA.&hl=en&v=mhgGrlTs_PbFQOW4ejlxlxZn&size=normal&cb=xjar62be2gj4
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mhgGrlTs_PbFQOW4ejlxlxZn/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Q2mudCS7GV/St8QQiNDT4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfxmIcUAAAAAJeWRBIQSR_fckBSYUcmXVOeqJ97&co=aHR0cDovLzdyNi5jb206ODA.&hl=en&v=mhgGrlTs_PbFQOW4ejlxlxZn&size=normal&cb=xjar62be2gj4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://7r6.com/eWPTX-1
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://7r6.com/eWPTX-1

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 31 Dec 2019 14:22:36 GMT
content-security-policy
script-src 'report-sample' 'nonce-Q2mudCS7GV/St8QQiNDT4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
8641
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
9
native.propellerclick.com/ 		0
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://native.propellerclick.com/9?z=2620132&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2F7r6.com%2FeWPTX-1&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&sah=1200&drf=&hil=2&ist=0
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Server
88.85.66.163 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://7r6.com/eWPTX-1
Origin
http://7r6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Tue, 31 Dec 2019 14:22:36 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
http://7r6.com
Access-Control-Expose-Headers
X-Sc
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires
Mon, 26 Jul 1997 05:00:00 GMT
custom
pushqwer.com/ 		0
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pushqwer.com/custom
Requested by
Host: pushqwer.com
URL: https://pushqwer.com/ntfc.php?p=2620133&r=ui&swver=3.1.142
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
78.140.191.85 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
http://7r6.com
Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Tue, 31 Dec 2019 14:22:38 GMT
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://7r6.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
0
gid.js
my.rtmark.net/ 		65 B
764 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=52e8000f0f3215051dfd6a1ad2804f32&zoneId=2620133&checkDuplicate=true&ymid=&var=
Requested by
Host: pushqwer.com
URL: https://pushqwer.com/ntfc.php?p=2620133&r=ui&swver=3.1.142
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.42.160.59 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
08cc595c7707d2db1cc19457ff33ac46cdea7676c3b56a5d996434af1e9e5934
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://7r6.com/eWPTX-1
Origin
http://7r6.com

Response headers

Date
Tue, 31 Dec 2019 14:22:38 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://7r6.com
Access-Control-Expose-Headers
Authorization
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length
65
bframe
www.google.com/recaptcha/api2/ Frame 79ED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=mhgGrlTs_PbFQOW4ejlxlxZn&k=6LfxmIcUAAAAAJeWRBIQSR_fckBSYUcmXVOeqJ97&cb=161noudtfqlk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mhgGrlTs_PbFQOW4ejlxlxZn/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Jp8TqVy8ZAkAxdkPE0Fc3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=mhgGrlTs_PbFQOW4ejlxlxZn&k=6LfxmIcUAAAAAJeWRBIQSR_fckBSYUcmXVOeqJ97&cb=161noudtfqlk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://7r6.com/eWPTX-1
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://7r6.com/eWPTX-1

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 31 Dec 2019 14:22:36 GMT
content-security-policy
script-src 'report-sample' 'nonce-Jp8TqVy8ZAkAxdkPE0Fc3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1116
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
truncated
/ Frame D961 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ad770f7303d5654daf4d143d7b1b3bb746700bc1333497c9744f4f03ce42b91

Request headers

Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
custom
pushqwer.com/ 		0
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pushqwer.com/custom
Requested by
Host: pushqwer.com
URL: https://pushqwer.com/ntfc.php?p=2620133&r=ui&swver=3.1.142
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
78.140.191.85 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
http://7r6.com
Referer
http://7r6.com/eWPTX-1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Tue, 31 Dec 2019 14:22:38 GMT
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://7r6.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
0
custom
pushqwer.com/ 		39 B
481 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pushqwer.com/custom
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
78.140.191.85 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://7r6.com/eWPTX-1
Origin
http://7r6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
2603e78d06d30737cf1b98114f9eb60b
Date
Tue, 31 Dec 2019 14:22:38 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://7r6.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
custom
pushqwer.com/ 		39 B
481 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pushqwer.com/custom
Requested by
Host: 7r6.com
URL: http://7r6.com/eWPTX-1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
78.140.191.85 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://7r6.com/eWPTX-1
Origin
http://7r6.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
90dd1ed0fa125d396adb9d804868d3ce
Date
Tue, 31 Dec 2019 14:22:38 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://7r6.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
onclicksuper.com
URL
http://onclicksuper.com/script/suurl.php?r=2351831&cbrandom=0.781789875867519&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=R7%20UrlShort&cbref=&cbdescription=&cbkeywords=earn%20money%2C%20short%20link%2C%20get%20paid&cbcdn=cdnondemand.org&ufp=162245423912844451131334508328

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| inIframe function| checkDocumentBody function| documentAsyncWriteElementFromHtml function| ReopenUrlBuilder object| browser object| builder string| url string| content object| adcashMacros object| zoneSett object| urls object| _0x7894 function| acPrefetch object| CTABPu string| bTuOoHPZywis string| FPUMNQEAQr number| IuPgcUihjG number| EqztQcTVfE number| RPoKMiVYsh number| PyVqnKoGNc function| VMgmBjwVUD object| UbVhPlxXgr number| c2 number| c1 object| asbIIAe7RuYv function| huZJsyZuBD object| zfgformats boolean| zfgloadednative boolean| _retranberw string| k object| _5nxqpq7w01m function| onClickTrigger boolean| zfgloadedpopup string| optionsAxXB324Fe string| laryAxXB324Fe boolean| zfgloadedpushopt object| app_vars object| e object| wow function| fixHeight undefined| captchaShort undefined| captchaContact undefined| captchaSignin undefined| captchaSignup undefined| captchaForgotpassword number| captchaShortlink undefined| invisibleCaptchaShort undefined| invisibleCaptchaContact undefined| invisibleCaptchaSignin undefined| invisibleCaptchaSignup undefined| invisibleCaptchaForgotpassword undefined| invisibleCaptchaShortlink function| onloadRecaptchaCallback function| setCookie function| getCookie object| go_popup function| checkAdblockUser function| checkAdsbypasserUser function| checkPrivateMode object| body string| ad_type object| counter_start_object undefined| selectedTab undefined| clipboard function| setTooltip function| cookie_accept function| $ function| jQuery function| WOW function| ClipboardJS object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| _0x9379 function| ufpAttach object| CTAMAT object| adcashUfp object| _rqhxxguzfar object| regeneratorRuntime object| __core-js_shared__ object| core function| setImmediate function| clearImmediate boolean| _babelPolyfill function| _retranber function| _o405vt object| _0x1638 function| _0x38b6 object| ntfcSDK object| recaptcha object| closure_lm_799654 boolean| installOnFly boolean| zfgloadedpush boolean| zfgloadedpushcode object| _0x10e2 object| Cnac object| stamat function| NqPnfu2649641764881878 function| NqPnfu object| NqpnfuVfNOrggreArgjbex boolean| _0x90aa object| onClickExcludes

0 Cookies

4 Console Messages

Source Level URL
Text
console-api warning URL: https://pushqwer.com/ntfc.php?p=2620133&r=ui&swver=3.1.142(Line 1)
Message:
undefined
console-api warning URL: https://pushqwer.com/ntfc.php?p=2620133&r=ui&swver=3.1.142(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://pushqwer.com/ntfc.php?p=2620133&r=ui&swver=3.1.142(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: https://pushqwer.com/ntfc.php?p=2620133&r=ui&swver=3.1.142(Line 1)
Message:
Error: TIMEOUT_ERROR

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7r6.com
bit.ly
cdnondemand.org
deloplen.com
fonts.googleapis.com
fonts.gstatic.com
my.rtmark.net
native.propellerclick.com
onclicksuper.com
presbanise.pw
pushqwer.com
ufpcdn.com
www.google.com
www.gstatic.com
www.predictivdisplay.com
www.recaptcha.net
onclicksuper.com
142.91.159.202
188.42.160.59
2606:4700:30::6812:3647
2606:4700:30::6812:3f03
2606:4700::6811:c66b
2a00:1450:4001:800::2003
2a00:1450:4001:806::2003
2a00:1450:4001:809::200a
2a00:1450:4001:817::2003
2a00:1450:4001:820::2004
35.190.50.89
67.199.248.11
78.140.191.85
88.85.66.163
88.85.82.189
08cc595c7707d2db1cc19457ff33ac46cdea7676c3b56a5d996434af1e9e5934
0ad770f7303d5654daf4d143d7b1b3bb746700bc1333497c9744f4f03ce42b91
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0d84a1e1a2839eaab9e463d40e593ab689a21d533465bf71352bd834fb9da91a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
424c22882d902d767bff802920ee13a2ad43a10a5d80933359e0908c38f9b75c
46f6b93ff5d6c80a7250bce191aa1a70051a3e6e6e6654a04062235e0a9b8598
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
64d8c805702fb471b2fa9519165481ff18ebdc984cc41f4f12f749ad7ce3519a
6b280390969f61945ce02fde9420f6d8dffdf3d3154dea3d1184c689a99e6204
6c8b1a83b2e623562fa3691de48714809313208b7a25b3940524a2e8bc4dfadc
7f4762beb1ecd3754bf7de79546042a1a61766c85189e05d413d2da06c740670
80c8b789ae1e5ea87c4c39c56405da83433fe91c902932801dfad54e3ecebc3b
81558315292f8e7bc161bb57bf26d2efe29ad87e92145e0d85e1797ea03aa4a7
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
ae0069f9d5d44701df27646e333c8474c53d215d6de5550030d3ae04207171c4
b386764e2b714f6fe617daaedd1946a7161fc2ae5f9bd0bf606f76287121ee1d
bb145b5a0d84a0cc3470fac2d63d6e4d920d6b73f92fde47b77296a3f788eb8e
bd086405a719f0f50fba261ea9891e12cb6627bae00412f1f6a0d9bb476b2034
c2cca14e4dbf2994f90b91ef01ec4d6eb6b560b429d028317d624d9b5f4bdcb0
cd185dfbf9ab9c108d634166de89aed49aa428db7b7a50d7eb8e23faf81196ca
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a
dc026efee3fb257f51e7e7ad8b3d2df4558a328b746252c568aaa10050e202af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebc41cd8703a4b67c7802979274cd702baf1b4d0e01435d280c55bffed83198d
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881