xuserpremium.com Open in urlscan Pro
2606:4700:3035::6815:35fe  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://cutt.us/R5LqQ Page URL
2. https://xpremiumuser.com/givenitro Page URL
3. https://xuserpremium.com/givenitro Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	R5LqQ Show response cutt.us/	3 KB 2 KB	272ms 35ms	Document text/html	69.61.26.121 GLOBALCOMPASS
General Check archive.org Show headers Download Go to Full URL https://cutt.us/R5LqQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.61.26.121 Atlanta, United States, ASN22653 (GLOBALCOMPASS, US), Reverse DNS Software Hotcores.com / Resource Hash a4c75bf335e15bcfa3cee48e8d01cc7988f616d21d6fbdfd3683d4d281ca88fd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-cache, must-revalidate, max-age=0 Connection keep-alive Content-Encoding gzip Content-Type text/html; Charset=UTF-8;charset=UTF-8 Date Mon, 10 Jul 2023 00:25:01 GMT I-AM Alpha Pragma no-cache Server Hotcores.com Strict-Transport-Security max-age=31536000; includeSubdomains; Transfer-Encoding chunked Vary Accept-Encoding X-Robots-Tag noindex, nofollow
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	75 KB 26 KB	59ms 30ms	Script text/javascript	2607:f8b0:4006:817::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: cutt.us URL: https://cutt.us/R5LqQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2002 Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6881a82b8a218045039d364cd728644890ca74f2811017db7f9403c6ec6c4dbe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:37 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25800 x-xss-protection 0 server cafe etag 124 / 19548 / 31075865 / config-hash: 12381638052069933206 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 10 Jul 2023 00:31:37 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	177 KB 65 KB	72ms 47ms	Script application/javascript	2607:f8b0:4006:821::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-31510493-1 Requested by Host: cutt.us URL: https://cutt.us/R5LqQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e632e7754a535f8b6b99683fd6c202b310ca18edae62f67d635ed883467e516a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65791 x-xss-protection 0 last-modified Mon, 10 Jul 2023 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 10 Jul 2023 00:31:37 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/	392 KB 125 KB	42ms 4ms	Script text/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075865 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0407c967f9b56d97e40232370eda7a905d27c980d1ddcfdf55c719bae9c3b444 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 09 Jul 2023 15:36:32 GMT content-encoding br x-content-type-options nosniff age 32105 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 127640 x-xss-protection 0 server cafe etag 3200400604667924725 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Mon, 08 Jul 2024 15:36:32 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	29 B 574 B	55ms 21ms	XHR application/json	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cutt.us Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9485e103a1f890385ba2aeab76aa5b1c5adcb872527ea4ad64492edc137a4814 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:37 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32 x-xss-protection 0 expires Mon, 10 Jul 2023 00:31:37 GMT
GET H2	200	js www.googletagmanager.com/gtag/	215 KB 76 KB	50ms 47ms	Script application/javascript	2607:f8b0:4006:821::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-ZBQ2JYBBZ5&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 77895 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 10 Jul 2023 00:31:37 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	38ms 7ms	Script text/javascript	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 10 Jul 2023 00:11:08 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 1229 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 10 Jul 2023 02:11:08 GMT
GET H2	200	integrator.js adservice.google.com/adsid/	107 B 456 B	296ms 24ms	Script application/javascript	2607:f8b0:4006:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=cutt.us Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075865 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2002 Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:37 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	ads securepubads.g.doubleclick.net/gampad/	665 B 698 B	52ms 51ms	XHR text/plain	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2284219942650528&correlator=3084494947830663&eid=31075865&output=ldjh&gdfp_req=1&vrg=202307050101&ptt=17&impl=fif&iu_parts=5837603%2CCutt_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&ifi=1&adks=1933368604&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1688949097301&lmt=1688949097&dlt=1688949097053&idt=179&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcutt.us%2FR5LqQ&frm=20&vis=1&psz=300x63&msz=0x0&fws=128&ohw=0&ga_vid=1535837765.1688949097&ga_sid=1688949097&ga_hid=749278648&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075865 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:37 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 332 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutt.us cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 0540cf2ec8b8aa1ca8076f4f8e51b3fc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6BB7	6 KB 3 KB	60ms 24ms	Document text/html	2607:f8b0:4006:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://0540cf2ec8b8aa1ca8076f4f8e51b3fc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075865 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutt.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Mon, 10 Jul 2023 00:31:37 GMT expires Tue, 09 Jul 2024 00:31:37 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	200	collect www.google-analytics.com/j/	1 B 200 B	22ms 21ms	XHR text/plain	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=749278648&t=pageview&_s=1&dl=https%3A%2F%2Fcutt.us%2FR5LqQ&ul=en-us&de=UTF-8&dt=R5LqQ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1687921104&gjid=239996310&cid=1535837765.1688949097&tid=UA-31510493-1&_gid=740256541.1688949097&_r=1&gtm=457e3750&jsscut=1&z=2107579240 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://cutt.us/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 10 Jul 2023 00:31:37 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cutt.us cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect www.google-analytics.com/g/	0 17 B	18ms 17ms	Ping text/plain	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-ZBQ2JYBBZ5&gtm=45je3750&_p=749278648&cid=1535837765.1688949097&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688949097&sct=1&seg=0&dl=https%3A%2F%2Fcutt.us%2FR5LqQ&dt=R5LqQ&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-ZBQ2JYBBZ5&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Mon, 10 Jul 2023 00:31:37 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cutt.us cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	givenitro xpremiumuser.com/	85 B 397 B	1655ms 120ms	Document text/html	185.106.93.4 GALAXY-AS
General Check archive.org Show headers Download Go to Full URL https://xpremiumuser.com/givenitro Requested by Host: cutt.us URL: https://cutt.us/R5LqQ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.106.93.4 Moscow Oblast, Russian Federation, ASN211409 (GALAXY-AS, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash Request headers Referer https://cutt.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Access-Control-Allow-Headers * Connection keep-alive Content-Encoding gzip Content-Type text/html Date Mon, 10 Jul 2023 00:31:39 GMT ETag W/"64a9bbab-55" Last-Modified Sat, 08 Jul 2023 19:40:27 GMT Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked
GET H2	200	sodar pagead2.googlesyndication.com/getconfig/	15 KB 12 KB	63ms 33ms	XHR application/json	2607:f8b0:4006:807::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307050101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075865 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:807::2002 Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:37 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11825 x-xss-protection 0
GET H2	200	sodar2.js tpc.googlesyndication.com/sodar/	17 KB 7 KB	67ms 65ms	Script text/javascript	2607:f8b0:4006:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307050101/pubads_impl.js?cb=31075865 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:37 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 10 Jul 2023 00:31:37 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5C3A	13 KB 5 KB	9ms 8ms	Document text/html	2607:f8b0:4006:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutt.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 29711 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sun, 09 Jul 2023 16:16:26 GMT expires Mon, 08 Jul 2024 16:16:26 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe www.google.com/recaptcha/api2/ Frame C0C3	783 B 1 KB	84ms 26ms	Document text/html	2607:f8b0:4006:816::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2004 Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-fDvDnxNGE7yPhrWBXaoYsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cutt.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 512 content-security-policy script-src 'report-sample' 'nonce-fDvDnxNGE7yPhrWBXaoYsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 10 Jul 2023 00:31:37 GMT expires Mon, 10 Jul 2023 00:31:37 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js pagead2.googlesyndication.com/bg/ Frame 5C3A	37 KB 14 KB	16ms 4ms	Script text/javascript	2607:f8b0:4006:807::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:807::2002 Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 09 Jul 2023 01:57:26 GMT content-encoding br x-content-type-options nosniff age 81251 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14698 x-xss-protection 0 last-modified Mon, 26 Jun 2023 15:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 08 Jul 2024 01:57:26 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame C0C3	0 0	33ms 32ms	Image text/html	2607:f8b0:4006:807::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307050101&jk=2284219942650528&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:807::2002 Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 5C3A	0 10 B	5ms 5ms	Image text/plain	2607:f8b0:4006:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?liH4kg Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:38 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	33ms 33ms	Image text/html	2607:f8b0:4006:807::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307050101&jk=2284219942650528&bg=!goGlgdXNAAb90kgr3dI7ADkAdvg8Wv6lrVPknZ-DdBOI4gCgD_xKDVg6WaFN9tgpFJ1yGco3xRPy86qqYGzoFxpyBhYF44G2DwICAAACQ1IAAAAZaAEHmQKTCIBGwsBA9xMO6W4QFdfk6lmaOvB4iPTZxp6V3k5TE1MDvUWcAXKplCIDuNS_MhMpndlAoP8sPBQlUBkp6Mb65aSlYVDqip53fT33a6RwqWF4bWZuv1-ZJLxGReRBNhKnT4dm9EOrYHiFHdl0Ts0cUwEaEIU4EyYXiGTkmVdvkFj-Qa_nemkljilI7awkrYTNZn1Tz1sYUvMb67DKsY5Z_hk3ObZnKAfD1pN5LLcPG_Rc9zqF7iPod6DAwfLEDIcFXKatu6LW669xWegpRKX6PvgVWG19tzNepnclRTeSUXAf__GWXcpNUmPgO1WE18aSzdKZV9r8w53_7ipDZsAFAzPc-mlALixpNV2nvqcbxU8Qi02xBLLhvqYFGSobmHST38mEUdZDDG7bFcLE-8G1frCM6YH3jipeWpvQc3l-iVAB9cr4WTG9pY7kKYxsHiIZJoIH_VrxIZqzRLz_GoPhg8mn9K_hvuCk3pzoljJabIbrDR_S_ARzCQFYdd_iPpS7GYPupWE1Dt2R0LlfSnnSsMVrYdxOQFqoH6E46qOSqmU79TcsgQ4GGJZHcIns9oxe-q4ykA-nC-XxJp6MrmUNB3EBrzkrbIpv2DZS1ueedGplpcdqyBf6p1fNIuBQvpa2a8OtLUfQtVY0lJrYVUDHUo1g6G69_mdz6dd6nOBssx9jIUiRaky41iyIsEmbYAxvC7VfnYF2qmBHf7a-hR8pJdNgwjGG8epbjuriTFGdrAp234oNqtDy3s-yLhZYVUSMZK8ihKgVtF2O44QJyR4rLR_sy9suRJymQa7MExk0MA9vzp8hQPbWgz7JANyzkpofVkpOiUrAIrUHOASUOIK2DiztT1BjZcppBDWokD2PIXdZy_4 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:807::2002 Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers
POST		collect www.google-analytics.com/g/	0 0
GET H2	200	Primary Request givenitro Show response xuserpremium.com/	15 KB 5 KB	312ms 249ms	Document text/html	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/givenitro Requested by Host: xpremiumuser.com URL: https://xpremiumuser.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d5502da509399119d872d8fe6278356e1baf8b5e60ea1fc8450863821cbe621 Request headers Referer https://xpremiumuser.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-headers * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7e44b47f4efa4291-EWR content-encoding br content-type text/html date Mon, 10 Jul 2023 00:31:39 GMT last-modified Sat, 08 Jul 2023 15:25:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbAhKLQUbiG18tpBpVLdaoFUy%2B7MI9dN%2FFKkWRX7m7mTaVLvOxvy9vZ5LbL8nSgXAWvsLjtL7wrF0nOejjrA2qDTD8p6APMVg1HCwRjbVPtRSmI7eQZO%2FhEsusSOExtjivIG88c6rtlbzrgZcR6K"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	5c957a62d16168b4174fadb7835cd9f9ca63c7c75f10.css xuserpremium.com/6647bbb7e960e5931770c3283428f6242bd738fcaad9/	20 KB 6 KB	259ms 244ms	Stylesheet text/css	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/6647bbb7e960e5931770c3283428f6242bd738fcaad9/5c957a62d16168b4174fadb7835cd9f9ca63c7c75f10.css Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e72bfd5b2451298de330b65ffbf950c8f830c5d373435f26fce733e1264bef5d Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/givenitro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:39 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sat, 04 Jun 2022 16:46:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"629b8c4a-510d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1mft3aybiUqHoYcTZSSOTxqa%2BihkIY0gIepZJIZ9uSJNdER5iCWBBuA2MvzHYE0Uyucl9T4fLS6Z4GYDwwrd6LjqpDIJoNaYLLnLZ2voLg14FacoqBIhOxaevGZ%2BtC61%2BD6aSBo7u9AOQ%2B%2BSsmp"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7e44b481090f4291-EWR access-control-allow-headers * alt-svc h3=":443"; ma=86400
GET H2	200	19b1da0eece9ed94f2c38d5934446aaff44b6789eba1.css xuserpremium.com/6647bbb7e960e5931770c3283428f6242bd738fcaad9/	75 KB 18 KB	266ms 252ms	Stylesheet text/css	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/6647bbb7e960e5931770c3283428f6242bd738fcaad9/19b1da0eece9ed94f2c38d5934446aaff44b6789eba1.css Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2815908a70bff8204d9c9dc034dd649f3f560a90112b11ddd5e0e53583bd39c Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/givenitro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:39 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 14 Feb 2022 14:17:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"620a6494-12d95" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4rArqdKc2pfb2lD3KiB5WdSLwwAxu%2F1TLVZXL%2FxLreDUeV%2Fof8uP6jy4qVbMIFS6JCrNDW64YZCm%2BZzVRu34TDvPW8rfgUTsS4kXDZezNNzLACzEtRIUdWffU7AZn6%2BH8AfgniIYCn2qwJHJleR"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7e44b48109134291-EWR access-control-allow-headers * alt-svc h3=":443"; ma=86400
GET H2	200	a3851da56ed9fca672267b618c9cff42d18e58464db4.css xuserpremium.com/6647bbb7e960e5931770c3283428f6242bd738fcaad9/	20 KB 4 KB	265ms 251ms	Stylesheet text/css	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/6647bbb7e960e5931770c3283428f6242bd738fcaad9/a3851da56ed9fca672267b618c9cff42d18e58464db4.css Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dbdcded3c4261a3c9d79cb3cf9e641744ad1f2db504690f3a1a06f6b3893dda4 Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/givenitro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:39 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 14 Feb 2022 14:17:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"620a6495-4e0e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKcDkoCgSOTWR381OVh8emTeNpVtQRE%2BSfhyZKcQpT%2B0moqBNdwhQYTDpVWCQGGRh6kmLe8DWT1GoCdBVuBXoG9%2B1Eq15%2B5A8ucjCYfVSdYGNlzMjbvtNDTcPgjEk1nj6fCD1khX0RHNW8jI9OhR"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7e44b48109144291-EWR access-control-allow-headers * alt-svc h3=":443"; ma=86400
GET H2	200	6b07ae31e1f85ffd74a4472d09dd511f4bc101b3d9da.css xuserpremium.com/6647bbb7e960e5931770c3283428f6242bd738fcaad9/	12 KB 2 KB	275ms 261ms	Stylesheet text/css	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/6647bbb7e960e5931770c3283428f6242bd738fcaad9/6b07ae31e1f85ffd74a4472d09dd511f4bc101b3d9da.css Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6a13129c52b4af929efe3e1fddeceb315a4f8038ad01c469f8d45d5c19483ac9 Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/givenitro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:39 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 12 Jun 2023 15:47:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64873e06-2ec4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JV5zpK%2FO1MWxi4SRO6zRwn3plFMjgJVn9s6PefhP6uHr7Z4NorUK6URb3I58ZCZyNNpqrW%2FvIAZ1U28oTM6XImzP72Pz7DIjLQSFMYAK3mz9NA1S0etCIely3JVlC2N10zgw%2BSfLfHkB5LtP43rY"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7e44b48109164291-EWR access-control-allow-headers * alt-svc h3=":443"; ma=86400
GET H2	200	a9c115d91e40fcb0c084e249e71f970e9364547b3c96.css xuserpremium.com/6647bbb7e960e5931770c3283428f6242bd738fcaad9/	10 KB 3 KB	263ms 250ms	Stylesheet text/css	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/6647bbb7e960e5931770c3283428f6242bd738fcaad9/a9c115d91e40fcb0c084e249e71f970e9364547b3c96.css Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02ed5fedd4d231fd7599d828707a1af9728f3dd33876047b5b045c1cec3f5d02 Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/givenitro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:39 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 14 Feb 2022 14:17:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"620a6490-2965" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ru290ZlvgpZBvu9qAOjM7xv1RdQHe8iTkaXDp4dgH0mlpPNTTnxOuK5q%2FbR76erOLBKAqpPJgHT5vlcMDAkB8tAbM3%2B1Agdgz7KSswrivUPkoW6qMlLu4w95JzTRx%2FxXiwLQqgYK2jCvdgn6PQBI"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7e44b48109184291-EWR access-control-allow-headers * alt-svc h3=":443"; ma=86400
GET H2	200	11c4f9023f23a4e53afebb9cea7b816e6bc68f418d94.css xuserpremium.com/6647bbb7e960e5931770c3283428f6242bd738fcaad9/	6 KB 2 KB	262ms 256ms	Stylesheet text/css	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/6647bbb7e960e5931770c3283428f6242bd738fcaad9/11c4f9023f23a4e53afebb9cea7b816e6bc68f418d94.css Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f653dbf761adb689f70bdfbc792ae65192e95b544d7e66dce483a4931b4c58e3 Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/givenitro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:39 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 15 Apr 2022 15:36:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"625990e3-1722" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRc45ynuk%2BX0vkF1e%2Fjbhq5auuI4XHqyK3VSQpey8%2F3UwHsxHYldr0XeQvmpapsrmjvE2qHVAE4o2FX%2Fg%2FWawxaXMyRjc9c2YVE1g13kIS%2FjADCmBTE25iIdDEDQyMmpJt2ShRlDNDHLccmPQk6Y"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7e44b48109194291-EWR access-control-allow-headers * alt-svc h3=":443"; ma=86400
GET H2	404	8d3bca11379fb13f2a1228233182f936bde6df1f3443.css xuserpremium.com/d9fdc47ed6b49defa8979184fd7afa261d5132635e6d/	0 0	263ms 257ms	Stylesheet text/html	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/d9fdc47ed6b49defa8979184fd7afa261d5132635e6d/8d3bca11379fb13f2a1228233182f936bde6df1f3443.css Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/givenitro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:39 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWhY77QIKKDCkAMJHuDsG6JMUk8VRDZzpri%2F2wQHeCgPu6K9kTU9%2BIjFhbPha90uSIykP5XuTuP3Cffq3%2FuNo9NQIGiM3Cu5Cw6Z1e71q7KV6lNnWvvpBx%2F9zhFBymfDZYStdoGnUcfIst8%2FJRuM"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 7e44b481091c4291-EWR alt-svc h3=":443"; ma=86400
GET H2	404	5b0d2b8b266880e6f88d83b49da78b928fac6c7e9cd0.css xuserpremium.com/d9fdc47ed6b49defa8979184fd7afa261d5132635e6d/	0 0	261ms 255ms	Stylesheet text/html	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/d9fdc47ed6b49defa8979184fd7afa261d5132635e6d/5b0d2b8b266880e6f88d83b49da78b928fac6c7e9cd0.css Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/givenitro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:39 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kS5zoKTixBSpFpdsg3P6QFZIH%2FS1VfmGqbLu337%2F5NlhOEgX6dkfKNl3oTfY1t0aAiH7XMqlgvcbMmY3u%2FqlD4I5CqUdg0pRY3DAt6MuJFSDqBSYmSniexkdmGQLkfdyDWHdPB%2Be9nThx1H1nnou"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 7e44b481091d4291-EWR alt-svc h3=":443"; ma=86400
GET H2	404	1146b6fa3d0e1dba0374a15ab36d08cbce87c5b934dc.css xuserpremium.com/d9fdc47ed6b49defa8979184fd7afa261d5132635e6d/	0 0	272ms 266ms	Stylesheet text/html	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/d9fdc47ed6b49defa8979184fd7afa261d5132635e6d/1146b6fa3d0e1dba0374a15ab36d08cbce87c5b934dc.css Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/givenitro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:39 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDVWMocognUE0IFoEyRzkFk5x7dHmV8dU5rUyluciPJAmZlwfTP1HX2AyyduI2i01xEPJh7ty%2FStkelUkEWGdk0QaOvysz66Jwx%2Fd63o%2BGv1cQWXzMWbPb5Q96qoq%2B3HD2x7Y%2FTsdvTmzO7dCxVH"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 7e44b481091f4291-EWR alt-svc h3=":443"; ma=86400
GET H2	404	76c5c0fc475b326c37cb2c4a24382b718eba502749dc.css xuserpremium.com/d9fdc47ed6b49defa8979184fd7afa261d5132635e6d/	0 0	270ms 265ms	Stylesheet text/html	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/d9fdc47ed6b49defa8979184fd7afa261d5132635e6d/76c5c0fc475b326c37cb2c4a24382b718eba502749dc.css Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/givenitro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:39 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2oFFnNDuLEvB4Ad73bDdx5DKIn7ZdIJugQkXXJ0oarUUJf14K31XSnwa9kYjT1lui4vxY5yn4DJG2da8SzGAwnLyhjNrtYKmlFkCbHJSRCB5T%2Bqxgvy24Zw6MdRqJN9OxDVxrZKhQ9PeN4%2BTXAZ"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 7e44b48109204291-EWR alt-svc h3=":443"; ma=86400
GET H2	404	90d7a871e1a67b1430acc9fdbb30f4ed666c41fbed1e.css xuserpremium.com/d9fdc47ed6b49defa8979184fd7afa261d5132635e6d/	0 0	269ms 264ms	Stylesheet text/html	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/d9fdc47ed6b49defa8979184fd7afa261d5132635e6d/90d7a871e1a67b1430acc9fdbb30f4ed666c41fbed1e.css Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/givenitro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:39 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVxsOXnE9lkhnP1ugAukcnMQjUVxpX8wO2up8K5arm5BjfL8hcVsNKclJShWYz9R7je6Fz2TtdZnh%2BLYJId3I0ywcDNCBVQOSNpODCVSH%2BnI9rFDyiQ6uU1ul7k9jpDA1YrK0o%2FId5awQCczdmq4"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 7e44b48109214291-EWR alt-svc h3=":443"; ma=86400
GET H2	404	ce6757b49aab669a0cc3c0722e5d5d36c86012f24dc1.css xuserpremium.com/bbca1a113956ca02cb2f73b865b6f246a541dc2e9353/	0 0	265ms 260ms	Stylesheet text/html	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/bbca1a113956ca02cb2f73b865b6f246a541dc2e9353/ce6757b49aab669a0cc3c0722e5d5d36c86012f24dc1.css Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/givenitro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:39 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rQqUAleHUWI8P%2FwYJIt8bAtPQWmHkfpU8vjWhMli8p51bwdtYIZ18ZpgxEFqV0z9biB%2FipQoFGWEGtCgKpSM%2FRb2igbe3rKlgCqwWENtYjb5ftx9EUTxQUqi5pv5gTCPsVVh9yM%2FXnZwnXlyV%2FE"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 7e44b48109224291-EWR alt-svc h3=":443"; ma=86400
GET H2	404	4b69cec0bb5acaf9935ce6b573fd13687416ebe75812.css xuserpremium.com/bbca1a113956ca02cb2f73b865b6f246a541dc2e9353/	0 0	262ms 258ms	Stylesheet text/html	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/bbca1a113956ca02cb2f73b865b6f246a541dc2e9353/4b69cec0bb5acaf9935ce6b573fd13687416ebe75812.css Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/givenitro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:39 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bcge3p9Kos17VexkFgp2B4puax8T82KzM6SaLGYdPpkt7lcdseU6NtXbVZdWEAKdo%2BEnZG4cA2%2BkoesUsRvol04PyjOhJrqe2Vk7MCupBy0WvEK3KXdIFDQFC%2F%2FUdoEoZhw%2FCdpqBneOGak4lHFU"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 7e44b48109254291-EWR alt-svc h3=":443"; ma=86400
GET H2	404	4c3863fb9d61e5610eae4daaef1db645f23d76fbfd95.css xuserpremium.com/bbca1a113956ca02cb2f73b865b6f246a541dc2e9353/	0 0	253ms 248ms	Stylesheet text/html	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/bbca1a113956ca02cb2f73b865b6f246a541dc2e9353/4c3863fb9d61e5610eae4daaef1db645f23d76fbfd95.css Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/givenitro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:39 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9owL0VQsd4CEKtucu7zGzOnduAmi2Getk%2Fhk5bqI7r4vb4hB3bPFr3Xwyaw9VD9XApqkhOFRCwxhObXYuE%2FiOhCn0R8AyonOC3iE6JY7S3ZFfXf6%2FNX65XTGySNqUcw45%2Bm0LhFsT8WfUhDwh6I9"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 7e44b48109264291-EWR alt-svc h3=":443"; ma=86400
GET H2	404	66d5a10e77e24eab6da179e64ba4a540c71d1d5e1cd2.css xuserpremium.com/bbca1a113956ca02cb2f73b865b6f246a541dc2e9353/	0 0	267ms 263ms	Stylesheet text/html	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/bbca1a113956ca02cb2f73b865b6f246a541dc2e9353/66d5a10e77e24eab6da179e64ba4a540c71d1d5e1cd2.css Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/givenitro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:39 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXcI9CiWxvZnJ4wRMbwcTt4bKvVp2lsxBtuyyd%2FroVkaW%2BMbQESPrWaGO1sh4PxTPkK8N5adY8FL88XnYjx5EZuRcvHVZ70Hr2jrXMiROBpUKn1DDFNlPxxn3%2FUYgcYtz%2BLP3UR5fWXGGkxKQL6S"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 7e44b48109284291-EWR alt-svc h3=":443"; ma=86400
GET H2	404	cb51280da15ca1c441417129db5e27cd7a9cd0cbeafb.css xuserpremium.com/bbca1a113956ca02cb2f73b865b6f246a541dc2e9353/	0 0	277ms 272ms	Stylesheet text/html	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/bbca1a113956ca02cb2f73b865b6f246a541dc2e9353/cb51280da15ca1c441417129db5e27cd7a9cd0cbeafb.css Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/givenitro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:39 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rf7VrMRqlfHZtaYSQq%2BRCTNBhegk1WCuepqP10KzKBIWbj8DJGe3%2BhMbhSJGneuzDnXJBm4gj6rihwibeTrrH48Pl7NgK9w7nYnHH1N9pDK6UtuvHD3bef5iRi8m7t%2FDx%2Fv8GEi4P3%2FhA7Luc5kI"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 7e44b48109294291-EWR alt-svc h3=":443"; ma=86400
GET H2	200	jquery-3.6.0.js Show response code.jquery.com/	282 KB 83 KB	233ms 7ms	Script application/javascript	2001:4de0:ac18::1:a:3a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.js Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239 Request headers Referer https://xuserpremium.com/ Origin https://xuserpremium.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:39 GMT content-encoding gzip last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx etag W/"28feccc0-46744" vary Accept-Encoding x-hw 1688949099.dop210.ny3.t,1688949099.cds051.ny3.hn,1688949099.cds248.ny3.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 84714
GET		ruffle.js donbcfbmhbcapadipfkeojnmajbakjdc/dist/	0 0
GET H2	200	css2 fonts.googleapis.com/	28 KB 2 KB	236ms 12ms	Stylesheet text/css	2607:f8b0:4006:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:wght@500;700&family=Manrope:wght@400;700&family=Open+Sans:wght@400;500;600;700&family=PT+Sans:wght@400;700&family=Ubuntu:wght@400;500;700&display=swap Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::200a Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c7a6f3859c76953e0d792f42ddd6aab2b429b7ac715fbacabe6e56de494d95fd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 10 Jul 2023 00:31:39 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 10 Jul 2023 00:31:39 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 10 Jul 2023 00:31:39 GMT
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/	86 KB 28 KB	195ms 10ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:39 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 3466836 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27748 last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-15851" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmUqo9mgK7dB4NH5qPvzYw9l5nFgcsOXQPu7NiqczEw7GIQZHlK7ioDBLd1VwSl%2BKsmgHqKaYYmD7vNfzBK9ot9prxnqGsEiV%2B4NHgkMc2ioFpJWUCi0TqY7bNFfQ9RrXFPvs34wrL4YPIHLQIxPqFDN"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7e44b4822c66438e-EWR expires Sat, 29 Jun 2024 00:31:39 GMT
GET H2	200	jquery-ui.js Show response code.jquery.com/ui/1.11.3/	459 KB 111 KB	229ms 4ms	Script application/javascript	2001:4de0:ac18::1:a:3a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/ui/1.11.3/jquery-ui.js Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:39 GMT content-encoding gzip last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx etag W/"28feccc0-72b1e" vary Accept-Encoding x-hw 1688949099.dop220.ny3.t,1688949099.cds155.ny3.hn,1688949099.cds257.ny3.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 113814
GET H2	200	6257d23c5fb25be7e0b6e220_Open%20Source%20Projects%20_%20Discord-7.svg assets-global.website-files.com/6257adef93867e50d84d30e2/	6 KB 3 KB	335ms 7ms	Image image/svg+xml	2600:9000:21ea:f800:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/6257adef93867e50d84d30e2/6257d23c5fb25be7e0b6e220_Open%20Source%20Projects%20_%20Discord-7.svg Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ea:f800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0bfa62bd7d54fca0e95f9b1abef2adac380d17b4c9f47805414c7a23cf2b3bbd Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 13 Sep 2022 21:10:19 GMT x-amz-version-id L3xb6VYoQ.AotyKi_Z9N2_J5hV1m9MOY content-encoding br via 1.1 aaf8cf6e639b571d00317b950854b0bc.cloudfront.net (CloudFront) age 25845682 x-amz-cf-pop EWR50-C1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 14 Apr 2022 07:50:22 GMT server AmazonS3 etag W/"af172fc4474c781e2dd37c0bf905e86a" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-id faGh0vyWH-oXDqCTeD7fznbb8OuZoX_1Vt0kwmVQajlpHEO26Tdt4A==
GET H2	200	nitro.png cdn.discordapp.com/attachments/818120722869911602/883999740071657542/	7 KB 8 KB	341ms 22ms	Image image/png	162.159.134.233 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.discordapp.com/attachments/818120722869911602/883999740071657542/nitro.png Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c89c4f3023d02b04197a30ca20f42ca7eb2634e1432ffff7b9d641a1f71a066 Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 306088 alt-svc h3=":443"; ma=86400 content-length 7036 last-modified Sun, 05 Sep 2021 08:59:21 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FanIpbM8n%2BSAvUbssM4JfAHuRWaOAySGFgB%2BYOdmIEj5bfzDMZdRtkSBOqQUZa8uiSnUA6a7Emu70wZfQ1VkyJiqXcvIjxhwM4Z7WT1yqysy33qX5T%2BLRxEaqfZseo%2FJ127klA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7e44b4858bfa4321-EWR x-robots-tag noindex, nofollow, noarchive, nocache, noimageindex, noodp expires Tue, 09 Jul 2024 00:31:40 GMT
GET H2	200	Frame-1-1.png i.ibb.co/GTCvt23/	849 B 1 KB	333ms 5ms	Image image/png	104.243.38.177 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/GTCvt23/Frame-1-1.png Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.243.38.177 Wilmington, United States, ASN23470 (RELIABLESITE, US), Reverse DNS disuanqi.dadongeng.cn Software nginx / Resource Hash 87718d08590aff7ce2480b0d2e16f2a8e80480235801db01131a920b7ddf823b Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:40 GMT last-modified Mon, 21 Nov 2022 20:04:10 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 849 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	404	moneya139f37d18ce2121.gif s8.gifyu.com/images/	31 KB 31 KB	436ms 108ms	Image image/png	65.21.74.205 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://s8.gifyu.com/images/moneya139f37d18ce2121.gif Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.21.74.205 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.205.74.21.65.clients.your-server.de Software nginx/1.18.0 (Ubuntu) / Resource Hash 00ee7dba82f915d3871a147b1a69772da41b6d0d15c4e6b6f1be5632131358cd Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:40 GMT server nginx/1.18.0 (Ubuntu) etag "5f4266be-7c6f" content-length 31855 content-type image/png
GET H2	200	Better-Emoji.png i.ibb.co/8NjDXH6/	110 KB 110 KB	333ms 6ms	Image image/png	104.243.38.177 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/8NjDXH6/Better-Emoji.png Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.243.38.177 Wilmington, United States, ASN23470 (RELIABLESITE, US), Reverse DNS disuanqi.dadongeng.cn Software nginx / Resource Hash a7573620866f77f817a21fdb3fc3c5a3cb013b36c88a2fe72cb74fd9541e886f Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:40 GMT last-modified Mon, 21 Nov 2022 20:05:30 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 112531 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	Personal-Profile.png i.ibb.co/zQgYtrC/	81 KB 81 KB	349ms 22ms	Image image/png	104.243.38.177 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/zQgYtrC/Personal-Profile.png Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.243.38.177 Wilmington, United States, ASN23470 (RELIABLESITE, US), Reverse DNS disuanqi.dadongeng.cn Software nginx / Resource Hash 49e0e1ee241fa6b9fb36abaa64439790ba732d4c857a36630e6f9ffe44b2be5f Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:40 GMT last-modified Mon, 21 Nov 2022 20:09:05 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 82976 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	Support-a-Server.png i.ibb.co/6gPT9dj/	124 KB 124 KB	333ms 6ms	Image image/png	104.243.38.177 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/6gPT9dj/Support-a-Server.png Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.243.38.177 Wilmington, United States, ASN23470 (RELIABLESITE, US), Reverse DNS disuanqi.dadongeng.cn Software nginx / Resource Hash d4521f7da9ba4e288b6a1345de019b08582161704051dd9c1e56e9ccb1da79a2 Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:40 GMT last-modified Mon, 21 Nov 2022 20:10:10 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 126624 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	Rep-Your-Support.png i.ibb.co/dgLLkLF/	74 KB 74 KB	349ms 23ms	Image image/png	104.243.38.177 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/dgLLkLF/Rep-Your-Support.png Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.243.38.177 Wilmington, United States, ASN23470 (RELIABLESITE, US), Reverse DNS disuanqi.dadongeng.cn Software nginx / Resource Hash cd57a8bb5c6aa4fdbdcf2a2bf49c4c3def63a6944eac9d4b18cb9ce58e75f1e9 Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:40 GMT last-modified Mon, 21 Nov 2022 20:08:12 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 75888 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	Bigger-Uploads.png i.ibb.co/Kr2yyWP/	123 KB 123 KB	348ms 22ms	Image image/png	104.243.38.177 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/Kr2yyWP/Bigger-Uploads.png Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.243.38.177 Wilmington, United States, ASN23470 (RELIABLESITE, US), Reverse DNS disuanqi.dadongeng.cn Software nginx / Resource Hash 981e3a18d73a8efba599e4b20974f3350649531da588298afa8099d757c31a68 Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:40 GMT last-modified Mon, 21 Nov 2022 20:09:38 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 125850 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	HD-Video.png i.ibb.co/z6LnhXb/	95 KB 95 KB	241ms 5ms	Image image/png	104.243.38.177 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/z6LnhXb/HD-Video.png Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.243.38.177 Wilmington, United States, ASN23470 (RELIABLESITE, US), Reverse DNS disuanqi.dadongeng.cn Software nginx / Resource Hash 1fdb7835d388537d12dccb1304f7eed709ec71aac7a7134d9b0974f1e00a1365 Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:40 GMT last-modified Mon, 21 Nov 2022 20:10:40 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 97015 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	404	238deba8fbc272873c1f563a823ec99572d447a7d39f.js xuserpremium.com/878d600519c689394f92e576136143538c2cf811a964/	0 0	263ms 249ms	Script text/html	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/878d600519c689394f92e576136143538c2cf811a964/238deba8fbc272873c1f563a823ec99572d447a7d39f.js Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/givenitro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:40 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRR%2FUii7LoCSqZm8x%2BazHuRptOrDQX1E%2BwbRNBuJxRbS39ebFmmZz55DGujaPVHKnVJkVoEzqZdkEAnRDo2N6lE47sAZV5Vw8U5t%2FmaJI2DxSFmt7vud%2BO238PI8c7a5UN4RvjUmMmryKdQ2J4%2B%2F"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 7e44b482dd2c4414-EWR alt-svc h3=":443"; ma=86400
GET H3	404	aae645dea630cb27abb51134b503afa32c99bb71f5e8.js xuserpremium.com/e1df6ec5a5c8e152e1429080d98271d49edfe19e041a/	0 0	275ms 260ms	Script text/html	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/e1df6ec5a5c8e152e1429080d98271d49edfe19e041a/aae645dea630cb27abb51134b503afa32c99bb71f5e8.js Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/givenitro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:40 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BCeJkjzO5QyM2cOFPiwzIWgEZQZzXDpmLJOZ%2FmJ8IcUY7UoNgVljgTwxgKyr9JJINMghWXGNpQpk1i5u86ET%2FAPRbGY6JQlrNLOET7XSUQm48ByzDn4yWO5LIjMpm19vslMGVXHylAtksOTHwyE"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 7e44b4831d7c4414-EWR alt-svc h3=":443"; ma=86400
GET H3	200	60f3e81764ac333992e6f615b5725aadbf4f22071880.js Show response xuserpremium.com/c0f23afd03309280912885da7a943c18c56789da3e14/	313 KB 114 KB	23ms 21ms	Script application/javascript	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/c0f23afd03309280912885da7a943c18c56789da3e14/60f3e81764ac333992e6f615b5725aadbf4f22071880.js Requested by Host: cutt.us URL: https://cutt.us/R5LqQ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5638af2be5b3f870b92758c6537349a737c7f218af3c99885856a47e1293d53a Request headers Referer https://xuserpremium.com/givenitro Origin https://xuserpremium.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:40 GMT content-encoding br cf-cache-status HIT last-modified Mon, 12 Jun 2023 15:47:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4467 etag W/"64873e09-4e2f7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dr80h296LzurBpf8Gp3lw0UKTJJ8h90XqsBuplATIAKQkmpz7eoZv0CwORGPsqVgpbHcdsiOwBuX%2BKJhPuw9MF2%2F%2FEGjY70Ok2FVjUVjEHo%2Bmi1Nvy%2B41SeIwPi%2BerHqfx%2F4s4qFAB7aT2MnmCpv"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7e44b4839e084414-EWR access-control-allow-headers * alt-svc h3=":443"; ma=86400
GET H2	200	fon.png i.ibb.co/TqQhnNb/	27 KB 27 KB	241ms 4ms	Image image/png	104.243.38.177 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/TqQhnNb/fon.png Requested by Host: xuserpremium.com URL: https://xuserpremium.com/givenitro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.243.38.177 Wilmington, United States, ASN23470 (RELIABLESITE, US), Reverse DNS disuanqi.dadongeng.cn Software nginx / Resource Hash 720bccc8d03a6192e023050bf09fb1e6d06bcc3089e65a129195ee6b2f6b36aa Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:40 GMT last-modified Tue, 31 May 2022 20:42:01 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 27467 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	4iCv6KVjbNBYlgoCxCvjsGyN.woff2 fonts.gstatic.com/s/ubuntu/v20/	29 KB 30 KB	31ms 10ms	Font font/woff2	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Inter:wght@500;700&family=Manrope:wght@400;700&family=Open+Sans:wght@400;500;600;700&family=PT+Sans:wght@400;700&family=Ubuntu:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://xuserpremium.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 08 Jul 2023 05:15:13 GMT x-content-type-options nosniff age 155787 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29752 x-xss-protection 0 last-modified Wed, 27 Apr 2022 17:05:11 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 07 Jul 2024 05:15:13 GMT
GET H2	200	4iCs6KVjbNBYlgoKfw72.woff2 fonts.gstatic.com/s/ubuntu/v20/	34 KB 34 KB	53ms 32ms	Font font/woff2	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Inter:wght@500;700&family=Manrope:wght@400;700&family=Open+Sans:wght@400;500;600;700&family=PT+Sans:wght@400;700&family=Ubuntu:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://xuserpremium.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 08 Jul 2023 10:31:07 GMT x-content-type-options nosniff age 136833 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34852 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:31:23 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 07 Jul 2024 10:31:07 GMT
GET H3	200	metrica.php Show response xuserpremium.com/	0 451 B	561ms 546ms	XHR text/html	2606:4700:3035::6815:35fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xuserpremium.com/metrica.php?method=LoadedCount&url=https%3A%2F%2Fxuserpremium.com%2Fgivenitro Requested by Host: xuserpremium.com URL: https://xuserpremium.com/c0f23afd03309280912885da7a943c18c56789da3e14/60f3e81764ac333992e6f615b5725aadbf4f22071880.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:35fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://xuserpremium.com/givenitro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 10 Jul 2023 00:31:40 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urVlQeGZl6JeqH6lH3wHoTGIUeuE%2BCP%2BTd3koTIFS%2BROpsgIGNvLyVBf%2Bi%2B99UamIdNeXQ4DH194vDBwIvkwT5uEHDg3pYTJwG3ql%2FJvB82w7pg51UFg9r5BZ%2F3KDIbG5JvU7blsrZWtMMjrI38z"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET, POST access-control-allow-origin * content-type text/html; charset=UTF-8 cf-ray 7e44b48568624414-EWR access-control-allow-headers X-Requested-With, * alt-svc h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.google-analytics.com

URL

https://www.google-analytics.com/g/collect?v=2&tid=G-ZBQ2JYBBZ5&gtm=45je3750&_p=749278648&cid=1535837765.1688949097&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1688949097&sct=1&seg=0&dl=https%3A%2F%2Fcutt.us%2FR5LqQ&dt=R5LqQ&en=user_engagement&_et=1918

Domain

donbcfbmhbcapadipfkeojnmajbakjdc

URL

chrome-extension://donbcfbmhbcapadipfkeojnmajbakjdc/dist/ruffle.js?id=62441715742