www.fforfree.net Open in urlscan Pro
2a00:1450:4001:830::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
Submission: On November 17 via api (November 17th 2022, 12:01:45 pm UTC) from RU — Scanned from DE

Summary HTTP 152 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 29 domains to perform 152 HTTP transactions. The main IP is 2a00:1450:4001:830::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.fforfree.net.
TLS certificate: Issued by GTS CA 1D4 on October 8th 2022. Valid for: 3 months.

This is the only time www.fforfree.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:830::2013	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:806::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	88.221.168.23 88.221.168.23	16625 (AKAMAI-AS) (AKAMAI-AS)
10	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
5	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
6	23.3.108.146 23.3.108.146	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:225... 2600:9000:2250:da00:1d:d7f6:39d2:2dc1	16509 (AMAZON-02) (AMAZON-02)
18	172.66.42.247 172.66.42.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	23.35.236.23 23.35.236.23	16625 (AKAMAI-AS) (AKAMAI-AS)
27	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	88.221.169.143 88.221.169.143	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3037::ac43:d5af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::6819:d60e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.66.41.9 172.66.41.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
152	36

2 2a00:1450:4001:830::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.fforfree.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:806::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img1.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img2.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.168.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

adhitzads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p3.adhitzads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.3.108.146 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-108-146.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:da00:1d:d7f6:39d2:2dc1 (United States)

ASN16509 (AMAZON-02, US)

images-eu.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt3066.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-23.deploy.static.akamaitechnologies.com

lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

p3.adhitzads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.169.143 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-143.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:d5af (United States)

ASN13335 (CLOUDFLARENET, US)

axm.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:d60e (United States)

ASN13335 (CLOUDFLARENET, US)

www.alexamaster.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)

rt3066.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	adhitzads.com adhitzads.com — Cisco Umbrella Rank: 238284 p3.adhitzads.com — Cisco Umbrella Rank: 272420	2 MB
19	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 6735 router.infolinks.com — Cisco Umbrella Rank: 2500 rt3066.infolinks.com — Cisco Umbrella Rank: 102781	327 KB
13	blogger.com www.blogger.com — Cisco Umbrella Rank: 8797	275 KB
10	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 10122 3.bp.blogspot.com — Cisco Umbrella Rank: 12751 4.bp.blogspot.com — Cisco Umbrella Rank: 12985	92 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	251 KB
8	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 14288 lh3.googleusercontent.com — Cisco Umbrella Rank: 74 themes.googleusercontent.com — Cisco Umbrella Rank: 11248	106 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 72 play.google.com — Cisco Umbrella Rank: 23 www.google.com — Cisco Umbrella Rank: 2	25 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	395 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 725 syndication.twitter.com — Cisco Umbrella Rank: 990	150 KB
5	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1569 m.addthis.com — Cisco Umbrella Rank: 1549 api-public.addthis.com — Cisco Umbrella Rank: 4303	149 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2536 www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 304 imasdk.googleapis.com — Cisco Umbrella Rank: 413	276 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	5 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 139	90 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8709 www.google.de — Cisco Umbrella Rank: 5922	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	9 KB
2	blogblog.com img1.blogblog.com — Cisco Umbrella Rank: 77640 img2.blogblog.com — Cisco Umbrella Rank: 131903	578 B
2	media.net contextual.media.net — Cisco Umbrella Rank: 535 lg3.media.net — Cisco Umbrella Rank: 4170	564 B
2	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 2963	48 KB
2	fforfree.net www.fforfree.net	106 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	61 KB
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1764	207 B
1	alexamaster.net www.alexamaster.net	551 B
1	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 715	6 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	463 B
1	axm.am axm.am	782 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 406	1 KB
1	ssl-images-amazon.com images-eu.ssl-images-amazon.com — Cisco Umbrella Rank: 5505	1 MB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	75 KB
152	29

	Domain	Requested by
28	p3.adhitzads.com	adhitzads.com p3.adhitzads.com www.fforfree.net
13	www.blogger.com	www.fforfree.net www.blogger.com
9	resources.infolinks.com	www.fforfree.net resources.infolinks.com
7	rt3066.infolinks.com	resources.infolinks.com
7	pagead2.googlesyndication.com	www.fforfree.net pagead2.googlesyndication.com cdn.jsdelivr.net tpc.googlesyndication.com
6	blogger.googleusercontent.com	www.fforfree.net
5	www.google.com	www.blogger.com www.fforfree.net www.gstatic.com www.google.com tpc.googlesyndication.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	platform.twitter.com	s7.addthis.com platform.twitter.com
4	adhitzads.com	www.fforfree.net
4	1.bp.blogspot.com	www.fforfree.net
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	router.infolinks.com	resources.infolinks.com
3	fonts.gstatic.com	www.fforfree.net www.google.com
3	4.bp.blogspot.com	www.fforfree.net
3	s7.addthis.com	www.fforfree.net s7.addthis.com
3	3.bp.blogspot.com	www.fforfree.net
3	ajax.googleapis.com	www.fforfree.net
2	syndication.twitter.com	platform.twitter.com www.fforfree.net
2	connect.facebook.net	s7.addthis.com connect.facebook.net
2	www.google-analytics.com	www.fforfree.net www.google-analytics.com
2	www.facebook.com	www.fforfree.net connect.facebook.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	region1.google-analytics.com	www.googletagmanager.com
2	netdna.bootstrapcdn.com	www.fforfree.net netdna.bootstrapcdn.com
2	www.fforfree.net	www.fforfree.net
1	cdn.jsdelivr.net	www.fforfree.net
1	www.google.de	www.fforfree.net
1	imasdk.googleapis.com	resources.infolinks.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	api-public.addthis.com	s7.addthis.com
1	play.google.com	www.blogger.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	www.alexamaster.net	axm.am
1	static.xx.fbcdn.net	www.facebook.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	axm.am	www.fforfree.net
1	z.moatads.com	s7.addthis.com
1	lg3.media.net	www.fforfree.net
1	themes.googleusercontent.com	www.fforfree.net
1	images-eu.ssl-images-amazon.com	www.fforfree.net
1	lh3.googleusercontent.com	www.fforfree.net
1	img2.blogblog.com	www.fforfree.net
1	img1.blogblog.com	www.fforfree.net
1	contextual.media.net	www.fforfree.net
1	www.googletagmanager.com	www.fforfree.net
152	49

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
t.me
twitter.com
feeds.feedburner.com
www.youtube.com
www.kooapp.com
waitlist.gummys.io
www.blogger.com
blogger.com

Subject Issuer	Validity	Valid
www.fforfree.net GTS CA 1D4	`2022-10-08` - `2023-01-06`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2022-10-26` - `2023-10-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-26` - `2022-11-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.alexamaster.net E1	`2022-10-23` - `2023-01-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
Frame ID: 07C1DF21693085A8100B4DEC2A6F8733
Requests: 95 HTTP requests in this frame

Frame: https://p3.adhitzads.com/637622a19b77d347038715gfforfree.net63609
Frame ID: 3D97B7EE73676DE8EDA84B0F030C88F8
Requests: 5 HTTP requests in this frame

Frame: https://www.blogger.com/comment/frame/5101816747547580259?po=2928172597917634208&hl=en&blogspotRpcToken=2327324
Frame ID: 6A48CE902956541312D16D77A158B817
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: C4AE8B05500923FE47A46840D28B3A99
Requests: 1 HTTP requests in this frame

Frame: https://p3.adhitzads.com/637622a1b69cd164841657gfforfree.net63609
Frame ID: FA6C8332CE53D219F0B4D0D8461749D1
Requests: 5 HTTP requests in this frame

Frame: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1668686400
Frame ID: 47324E77FCD5758CD0305F508DB8EDC6
Requests: 3 HTTP requests in this frame

Frame: https://p3.adhitzads.com/637622a1e22ea894959702gfforfree.net63609
Frame ID: BF087C34980157F606D54F278AC34236
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/F4Free&width=402&height=255&colorscheme=light&show_faces=true&show_border=false&stream=false&header=false
Frame ID: 6D940CED3E19FE67844F9D2D44F33D04
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2070990276345347&output=html&adk=1812271804&adf=3025194257&lmt=1668669556&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.fforfree.net%2F2022%2F11%2Fwin-from-1000000-prize-pool-using.html&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668686497738&bpp=3&bdt=403&idt=274&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5196308042567&frm=20&pv=2&ga_vid=1591039200.1668686498&ga_sid=1668686498&ga_hid=883580109&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531705%2C44770880%2C44779077&oid=2&pvsid=1675036644218695&tmod=890533972&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=309
Frame ID: 79404BE842A05D0C5BC9CDD48B8D872E
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3178660&wsid=0&pdom=www.fforfree.net&purl=https%3A%2F%2Fwww.fforfree.net%2F2022%2F11%2Fwin-from-1000000-prize-pool-using.html
Frame ID: 6B2EC381B46720593C420267CFF283DB
Requests: 1 HTTP requests in this frame

Frame: https://p3.adhitzads.com/637622a20c699240123360gfforfree.net63609
Frame ID: 7EB5695C8614D632A4A39CFADACBF8A7
Requests: 3 HTTP requests in this frame

Frame: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1668686400
Frame ID: E617A6D90AA9DDDFE95069346892D856
Requests: 3 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 19AEB6EC73DDD9965360EC7ACC30D9F8
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: CE7DB3A61861AD3068832F7F7D850B0C
Requests: 1 HTTP requests in this frame

Frame: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1668686400
Frame ID: 12411A1194DD0446B3F14C2376D33331
Requests: 3 HTTP requests in this frame

Frame: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1668686400
Frame ID: 80B0DFD6F1823476F1E877DE3ADEA2F2
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.fforfree.net
Frame ID: D3D427B5DEAFD0F2823EB3C6A0C7854C
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
Frame ID: F4F31291B97A27586DB0A805D4393A53
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=5wkpmmnbxq53
Frame ID: 10996B5A90BC4F3C6286E0DDD45F8CFB
Requests: 7 HTTP requests in this frame

Frame: https://www.blogger.com/_/BloggerCommentUi/cspreport
Frame ID: CD65F4D8ACED9506010C5BBE7D873A1D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df329cc549b2fd48%26domain%3Dwww.fforfree.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.fforfree.net%252Ff1c35c792b30e5%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.fforfree.net%2F2022%2F11%2Fwin-from-1000000-prize-pool-using.html&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90
Frame ID: FDC76B5F6850B39764072E3A79F8E087
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 894670AEE4968C1A0714C65E183BD06F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D69F9BA93D5DE0BE28EA541331025BA7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Win from $1000000 Prize Pool Using Gummys Waitlist Airdrop | Free Stuff, Contests, Deals, Giveaways, Free Samples India PrintEmailFacebookTwitterPinterestAddThis

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

152
Requests

99 %
HTTPS

74 %
IPv6

29
Domains

49
Subdomains

36
IPs

4
Countries

5458 kB
Transfer

9718 kB
Size

15
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/F4free
Title: Facebook

Search URL Search Domain Scan URL

URL: https://t.me/FforFreenet
Title: Digg

Search URL Search Domain Scan URL

URL: https://twitter.com/FforFree_
Title: Twitter

Search URL Search Domain Scan URL

URL: https://feeds.feedburner.com/Fforfree-GetEverythingForFree
Title: Rss

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/fforfreeblogspot
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.kooapp.com/profile/fforfree
Title: evernote

Search URL Search Domain Scan URL

URL: https://waitlist.gummys.io/?kid=2HXQJC

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/04882078698479073309
Title: FforFree

Search URL Search Domain Scan URL

URL: https://www.blogger.com/email-post.g?blogID=5101816747547580259&postID=2928172597917634208

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=5101816747547580259&postID=2928172597917634208&from=pencil

Search URL Search Domain Scan URL

URL: http://www.facebook.com/F4free
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/comment/frame/5101816747547580259?po=2928172597917634208&hl=en&blogspotRpcToken=2327324

Search URL Search Domain Scan URL

URL: https://blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

152 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request win-from-1000000-prize-pool-using.html Show response
www.fforfree.net/2022/11/ 437 KB
103 KB 884ms
738ms Document
text/html 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6813c37ce5e435c4e28032f31708e09dfed30efa63c45475c1a9c85dccbe8dbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 105405
content-type: text/html; charset=UTF-8
date: Thu, 17 Nov 2022 12:01:37 GMT
etag: W/"c8e9dda6c7612dbfaa202a37b208cf13dc5963386ca5b6c037c65c0eb415a218"
expires: Thu, 17 Nov 2022 12:01:37 GMT
last-modified: Thu, 17 Nov 2022 07:19:16 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 55013136-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 30 KB
7 KB 159ms
42ms Stylesheet
text/css 2a00:1450:4001:806::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 11:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6620
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 03:52:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 17 Nov 2023 11:07:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
75 KB 139ms
53ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LKWM90GK3S

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f2a6ded7556d771600b4d94471cc3152af15867a3b9c75706d7a3760c981887f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75990
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Nov 2022 12:01:37 GMT

GET
H2 200 font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/3.2.0/css/ 21 KB
5 KB 78ms
49ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/3.2.0/css/font-awesome.min.css

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbb102718687334c9562f1048617e79c04e1a0f281aafafa919b597e4cdb0178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 617, 617
age: 25589162
cdn-cachedat: 2021-06-08 10:18:17
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:51 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 29e3fb1b5623535acc4416a26eb72d22
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 76b850108f3c9bac-FRA
cdn-requestpullsuccess: True

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 368 B
549 B 49ms
18ms Script
text/javascript 88.221.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CULYOGT4

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5c5077e0a0db30b7f2a938d63fad713d38fa0cdd0dbeace68388c01afe2b07e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-mnt-h: 8-10
strict-transport-security: max-age=31536000
date: Thu, 17 Nov 2022 12:01:37 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
content-length: 368
expires: Thu, 17 Nov 2022 12:06:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 148ms
58ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2070990276345347&host=ca-host-pub-1556223355139109

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e53b3769afdd8f0fa7b68676e002ed838d9a29075abe804684ad37c0b34b437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fforfree.net/
Origin: https://www.fforfree.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49158
x-xss-protection: 0
server: cafe
etag: 13010958958288188405
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 12:01:37 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
92 KB 172ms
104ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:20:00 GMT
x-content-type-options: nosniff
age: 20497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93636
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 06:20:00 GMT

GET
H2 200 fforfree%2Bnet%2Blogo.png
1.bp.blogspot.com/-scjqlAYeOeM/XcRtWMyKY0I/AAAAAAAAmfg/5zQZSMqr0wMysiPJiMMAF07fcDvY9wmyACK4BGAYYCw/s1600/ 40 KB
40 KB 135ms
51ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-scjqlAYeOeM/XcRtWMyKY0I/AAAAAAAAmfg/5zQZSMqr0wMysiPJiMMAF07fcDvY9wmyACK4BGAYYCw/s1600/fforfree%2Bnet%2Blogo.png

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a4c7e27a9c10ae53482c7fb2393ef68adb693bf0c904b6c91efcf0098538cf7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="fforfree net logo.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40909
x-xss-protection: 0
server: fife
etag: "v99f9"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 17 Nov 2022 17:53:07 GMT

GET
H2 200 1157934 Show response
adhitzads.com/ 448 B
768 B 86ms
36ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adhitzads.com/1157934
Requested by: Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 027ed758b38095182f14c711cb1cd37f0b6c875e6af628009c74c3b0b51267c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1e3jKwJzleEF46guZYPs1xrdw4uTJI%2BWgy6N2y3RJAw8nRsbMFWZQsxY1YNpX1QG08LZtX2GUdZvvavNW%2BTSfXdSfvKe6lU3zvXQ6MOc4ppFJ%2BvCR%2B5j7XHL3oSBHlox"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=3600, public
cf-ray: 76b85011aca25b5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 17 Nov 2022 13:01:37 GMT

GET
H2 200 fforfree1%2B-%2BFInal1.png
3.bp.blogspot.com/-g3PGuITsl8Q/VR2K8Orf1yI/AAAAAAAAME4/Nsy5QF7WmMA/s1600/ 21 KB
21 KB 127ms
53ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-g3PGuITsl8Q/VR2K8Orf1yI/AAAAAAAAME4/Nsy5QF7WmMA/s1600/fforfree1%2B-%2BFInal1.png

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

055ff8aac18e88894d9637b7b71e40388f0c79c85ac424ec1dd313654d9a202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="fforfree1 - FInal1.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21356
x-xss-protection: 0
server: fife
etag: "v304f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 13 Oct 2022 18:32:43 GMT

GET
H2 200 Win%20from%20$1000000%20Prize%20Pool%20Using%20Gummys%20Waitlist%20Airdrop.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhSFKe4ig3lB3o0v5rCexoTCGLXbvJn2hmdfkESTtKpie_djliIO87LH5HB3rcI9kP1ZUaCWcWWsFUWhrXVUKCMHNFIRZQMHt6V0YrGhZc2GvGsc4l5RG_A5vAB1k0qqxL_aQqSukcHDxa-sPPR... 31 KB
31 KB 756ms
670ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhSFKe4ig3lB3o0v5rCexoTCGLXbvJn2hmdfkESTtKpie_djliIO87LH5HB3rcI9kP1ZUaCWcWWsFUWhrXVUKCMHNFIRZQMHt6V0YrGhZc2GvGsc4l5RG_A5vAB1k0qqxL_aQqSukcHDxa-sPPRSqKxnj6w-XFydthzFyCN8i6JA5dWTJP5IRmOrateSw/w400-h225/Win%20from%20$1000000%20Prize%20Pool%20Using%20Gummys%20Waitlist%20Airdrop.jpg

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

737407b74c04b9c14f929fdc9c5e81272082c8ec3c43ce3e09814d378733b0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
x-content-type-options: nosniff
server: fife
etag: "vf03e"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Win from $1000000 Prize Pool Using Gummys Waitlist Airdrop.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31368
x-xss-protection: 0
expires: Fri, 18 Nov 2022 12:01:38 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 105ms
31ms Script
application/javascript 23.3.108.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.3.108.146 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-3-108-146.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 17 Nov 2022 12:01:37 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
x-host: s7.addthis.com
content-length: 116388

GET
H2 200 icon18_email.gif
img1.blogblog.com/img/ 164 B
278 B 90ms
40ms Image
image/gif 2a00:1450:4001:806::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img1.blogblog.com/img/icon18_email.gif

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 09:45:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 15:52:51 GMT
server: sffe
age: 526574
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 18 Nov 2022 09:45:23 GMT

GET
H2 200 icon18_edit_allbkg.gif
img2.blogblog.com/img/ 162 B
300 B 85ms
42ms Image
image/gif 2a00:1450:4001:806::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 09:34:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 16:52:47 GMT
server: sffe
age: 527253
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 18 Nov 2022 09:34:04 GMT

GET
H2 200 fforfree+logo.jpg
3.bp.blogspot.com/_kvCcM6wMGC0/TI5uFv4EDnI/AAAAAAAAAEY/fl_UtIcUIAg/S220/ 7 KB
7 KB 80ms
79ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/_kvCcM6wMGC0/TI5uFv4EDnI/AAAAAAAAAEY/fl_UtIcUIAg/S220/fforfree+logo.jpg

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9a493deb59fb86cc0ab0cd4accfeaa6d0ecda0bf8d9c3dfc3dcc9fa6d6ab1e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="fforfree logo.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6851
x-xss-protection: 0
server: fife
etag: "v46"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 12 Nov 2022 05:33:01 GMT

GET
H2 200 3469866930-comment_from_post_iframe.js Show response
www.blogger.com/static/v1/jsbin/ 17 KB
7 KB 47ms
41ms Script
text/javascript 2a00:1450:4001:806::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12b91cbf31131a10b1fc2aa05047c027caeac0d6e0ca5deadf418fff63d68082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 05:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 284117
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6573
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 10:55:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 14 Nov 2023 05:06:20 GMT

GET
H2 200 1157936 Show response
adhitzads.com/ 448 B
540 B 79ms
38ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adhitzads.com/1157936
Requested by: Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6195e47d2f3ff2aa8fadc719cb73e604b168ddd94300b9ceec794fb6508b3d38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zYmjLhDbL%2FB1IYENUUAwgS6g7u7tRJ9w533FesQWtZ2k2j7rfJvQlPO9C2kR6XpX95cQsG8RGc9Uyal6kypmL7lcAkGcvYCPm6EC6iAJTY5XQK6gWMk8QmvLjUG4hRG"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=3600, public
cf-ray: 76b85011aca55b5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 17 Nov 2022 13:01:37 GMT

GET
H2 200 1158659 Show response
adhitzads.com/ 448 B
542 B 84ms
43ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adhitzads.com/1158659
Requested by: Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d6e48e780f8e97bf4079061eba0eff349ec2385882224ebe73b534a7d401089

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2mfc1Gf5tL0zgcca0PVOpIxxlqAtYVdA%2B3Yx62CtjPA2CM%2F5jSsjYByNuHyiO3gNeCejrl6%2FF442iHkJYgTjVvJi1EShjAGPvFGy6gkYqSjkMkRtv53i9WSnyD02GBq"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=3600, public
cf-ray: 76b85011aca85b5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 17 Nov 2022 13:01:37 GMT

GET
H2 200 Tricks%20to%20Build%20500+%20Floors%20Daily%20In%20Google%20Pay%20Diwali%20Mela%20Offer.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiLOh7HS9kvcAek_3kvc5udm782WJy4yq_0TbyEFlAznck2voLJhBr0TLZtXR2tMtlCjJCHj9Wbm73blW0-FehpaTw8z96f3KNBOfQATpC7Vj86fA8oC9lE_OhvJ5JOi2wlweEUTx7svWOnDfQ... 5 KB
6 KB 457ms
457ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiLOh7HS9kvcAek_3kvc5udm782WJy4yq_0TbyEFlAznck2voLJhBr0TLZtXR2tMtlCjJCHj9Wbm73blW0-FehpaTw8z96f3KNBOfQATpC7Vj86fA8oC9lE_OhvJ5JOi2wlweEUTx7svWOnDfQs2qoF7zK3zixULWCP8ZW4ehU-t_UmTqUIer2_Jw8Gw/w72-h72-p-k-no-nu/Tricks%20to%20Build%20500+%20Floors%20Daily%20In%20Google%20Pay%20Diwali%20Mela%20Offer.jpeg

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

710af5165eaf30a70a8ef8f60cadcce3f99f9d8b4bae6b58f768785c706c62b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
x-content-type-options: nosniff
server: fife
etag: "vef9d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Tricks to Build 500+ Floors Daily In Google Pay Diwali Mela Offer.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5576
x-xss-protection: 0
expires: Fri, 18 Nov 2022 12:01:38 GMT

GET
H2 200 ANbyha1CqOhd_N6tQUULPfBLD0m5Ew1Vw1KrufHexYvoJ8NsdNWAksC6mSddzeWqge5nG0L5WktQ14WGKVBm17Q0jujCB9MBlulg9P936eqnBnQA9us_RcDr8tUYpb37oIGhVxLzywajbrSA1e6VA2UpHV_5_CwvoEPK=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 10 KB
10 KB 111ms
82ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha1CqOhd_N6tQUULPfBLD0m5Ew1Vw1KrufHexYvoJ8NsdNWAksC6mSddzeWqge5nG0L5WktQ14WGKVBm17Q0jujCB9MBlulg9P936eqnBnQA9us_RcDr8tUYpb37oIGhVxLzywajbrSA1e6VA2UpHV_5_CwvoEPK=w72-h72-p-k-no-nu

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a168d1e996cb763f2389e5c477bf10dc46c5926893141f4717afce97dcd9986e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9995
x-xss-protection: 0
expires: Fri, 18 Nov 2022 12:01:37 GMT

GET
H2 200 How%20To%20Watch%20%E2%80%98Flames%20Season%203%E2%80%99%20Online%20for%20FREE%20in%20Amazon%20Prime.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjnrlJdIKqBeon_NOv17MzZ0b10Ck2VFra3LA4xvRTKnZvo_M8YqTuN9P_6OybapBvxNJVkX9xRuhaTetD6pCr_OAe-Ck6TEHlRajfFBeG3RSitja-t6b-hkV4Yc6ybSWIhhfUvC8UB-vQx1uko... 4 KB
4 KB 404ms
402ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjnrlJdIKqBeon_NOv17MzZ0b10Ck2VFra3LA4xvRTKnZvo_M8YqTuN9P_6OybapBvxNJVkX9xRuhaTetD6pCr_OAe-Ck6TEHlRajfFBeG3RSitja-t6b-hkV4Yc6ybSWIhhfUvC8UB-vQx1ukoox1fyHHg1SQrbmONJ8mxsWy46HpmFuJ-LFmZxwInLg/w72-h72-p-k-no-nu/How%20To%20Watch%20%E2%80%98Flames%20Season%203%E2%80%99%20Online%20for%20FREE%20in%20Amazon%20Prime.jpeg

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bc4edba7ac87e542bd6cfd4d21c94a262beb08813d386cf9e23a2a87ad78189f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
x-content-type-options: nosniff
server: fife
etag: "vefc6"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="How To Watch _Flames Season 3_ Online for FREE in Amazon Prime.jpeg";filename*=UTF-8''How%20To%20Watch%20%E2%80%98Flames%20Season%203%E2%80%99%20Online%20for%20FREE%20in%20Amazon%20Prime.jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4064
x-xss-protection: 0
expires: Fri, 18 Nov 2022 12:01:38 GMT

GET
H3 200 Airtel%2BHappy%2BHolidays%2Boffer%2Bscratch%2Bcards.jpg
1.bp.blogspot.com/-wYyd_fBFk5U/XgOO_cUL9TI/AAAAAAAAnD4/I6jVS7wMSwEtddA3r8exieNrXaE-w17GgCLcBGAsYHQ/w72-h72-p-k-no-nu/ 3 KB
3 KB 122ms
44ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-wYyd_fBFk5U/XgOO_cUL9TI/AAAAAAAAnD4/I6jVS7wMSwEtddA3r8exieNrXaE-w17GgCLcBGAsYHQ/w72-h72-p-k-no-nu/Airtel%2BHappy%2BHolidays%2Boffer%2Bscratch%2Bcards.jpg

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f89e99efc0eea07bf14a075d710418fd34911ec489ca6a47cf210611c11b96a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 08:09:31 GMT
x-content-type-options: nosniff
age: 13926
content-disposition: inline;filename="Airtel Happy Holidays offer scratch cards.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3514
x-xss-protection: 0
server: fife
etag: "v9c3f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 13 Nov 2022 20:55:14 GMT

GET
H3 200 Language%2BFest%2B-%2BInstant%2B%25E2%2582%25B9200%2BFree%2BPayTM%2BCash%2B%252B%2BUp%2BTo%2B%25E2%2582%25B9300%2BAmazon%2BCashback.jpg
1.bp.blogspot.com/-dJq5u-VQHcY/XgMLPaYOTMI/AAAAAAAAnDw/9XgupanDY2M-iLPD0O8gvmy79lQYDeQfACLcBGAsYHQ/w72-h72-p-k-no-nu/ 5 KB
5 KB 118ms
40ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-dJq5u-VQHcY/XgMLPaYOTMI/AAAAAAAAnDw/9XgupanDY2M-iLPD0O8gvmy79lQYDeQfACLcBGAsYHQ/w72-h72-p-k-no-nu/Language%2BFest%2B-%2BInstant%2B%25E2%2582%25B9200%2BFree%2BPayTM%2BCash%2B%252B%2BUp%2BTo%2B%25E2%2582%25B9300%2BAmazon%2BCashback.jpg

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

01cf911d54c9e2547560245636e9f06e22144701b8a5417d4b8a9d64d38907a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 08:09:31 GMT
x-content-type-options: nosniff
age: 13926
content-disposition: inline;filename="Language Fest - Instant _200 Free PayTM Cash + Up To _300 Amazon Cashback.jpg";filename*=UTF-8''Language%20Fest%20-%20Instant%20%E2%82%B9200%20Free%20PayTM%20Cash%20%2B%20Up%20To%20%E2%82%B9300%20Amazon%20Cashback.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5174
x-xss-protection: 0
server: fife
etag: "v9c3d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 14 Nov 2022 05:34:20 GMT

GET
H2 200 Binance%20Learn%20And%20Stake%20DOGECoin%20Quiz%20Answers%20FREE%204%20DOGE.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBRymvJdka-S7l0ngZk6zYZuXEKmGXIk6_aQFshYAWJ2w08iJRV323QDG6MJN4hB-s2dWGK2uxAUzWK1hXYA8YVRoq_KLjfKoQUNhcxtarMoU6_61Z0Kz51Niwz4OFIyilwFcqESDPF47nfRDk... 4 KB
4 KB 451ms
449ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBRymvJdka-S7l0ngZk6zYZuXEKmGXIk6_aQFshYAWJ2w08iJRV323QDG6MJN4hB-s2dWGK2uxAUzWK1hXYA8YVRoq_KLjfKoQUNhcxtarMoU6_61Z0Kz51Niwz4OFIyilwFcqESDPF47nfRDkSmMTNErxbw7_SRjeyQiHaWeXwJPbHMMX4p_aUv9XeQ/w72-h72-p-k-no-nu/Binance%20Learn%20And%20Stake%20DOGECoin%20Quiz%20Answers%20FREE%204%20DOGE.webp

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7ab5733d8d7ee5b303129398a6f790b3c6113e9eeb9257231d33de60ab322c05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
x-content-type-options: nosniff
server: fife
etag: "vefe2"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Binance Learn And Stake DOGECoin Quiz Answers FREE 4 DOGE.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4354
x-xss-protection: 0
expires: Fri, 18 Nov 2022 12:01:38 GMT

GET
H2 200 Google%20Pay%20Build%20Tallest%20Cinema%20Hall%20Offer%20and&%20Win%20%E2%82%B9350%20Cashback.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGXl1763M9LDbpj-GI1QrpADpQityqH8A45rGv-AWsk96fXOQyORDFi5Cm2SoeAC-4fMDnjJncEAQ1ZtDH41ii6BUXKw4zn5oTRntw6fr141jCO_Spyjwe33elmI328KYK-xU4dd5xn76VtUr1... 3 KB
3 KB 398ms
396ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGXl1763M9LDbpj-GI1QrpADpQityqH8A45rGv-AWsk96fXOQyORDFi5Cm2SoeAC-4fMDnjJncEAQ1ZtDH41ii6BUXKw4zn5oTRntw6fr141jCO_Spyjwe33elmI328KYK-xU4dd5xn76VtUr1A-0_Jl80t94ZeVrV-TAo12qM2kMxvsv4bOI1yY-jZg/w72-h72-p-k-no-nu/Google%20Pay%20Build%20Tallest%20Cinema%20Hall%20Offer%20and&%20Win%20%E2%82%B9350%20Cashback.jpg

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6d99010de4ec3209a93a3ef5246bcdae2bc6d141c4759746cb6e941913e7fc8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
x-content-type-options: nosniff
server: fife
etag: "vf02b"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Google Pay Build Tallest Cinema Hall Offer and& Win _350 Cashback.jpg";filename*=UTF-8''Google%20Pay%20Build%20Tallest%20Cinema%20Hall%20Offer%20and%26%20Win%20%E2%82%B9350%20Cashback.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3113
x-xss-protection: 0
expires: Fri, 18 Nov 2022 12:01:38 GMT

GET
H2 200 Football%20World%20Cup%20Contest%20Cheer%20for%20Your%20Country%20to%20Win%20Macbook%20Pro%20%23Worldwide.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjA0mUu6dWLu3OP8KcRBPenNRtEKD3WvPps2mOBOonUm4kRgAcYmvs5ZjdkFj4tERUwAVOUIl3zMUZI7F9LKxOC4IDSfUMdqEN8VMBm87IVZlBL_redNDx5Za_gh6zyt3Ev04pdzGzS3zfpSW7y... 5 KB
6 KB 378ms
377ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjA0mUu6dWLu3OP8KcRBPenNRtEKD3WvPps2mOBOonUm4kRgAcYmvs5ZjdkFj4tERUwAVOUIl3zMUZI7F9LKxOC4IDSfUMdqEN8VMBm87IVZlBL_redNDx5Za_gh6zyt3Ev04pdzGzS3zfpSW7yY3W-HfqLgPi6ZDDkK4yDl9QbRS1Wkq58lnVDV7MvEw/w72-h72-p-k-no-nu/Football%20World%20Cup%20Contest%20Cheer%20for%20Your%20Country%20to%20Win%20Macbook%20Pro%20%23Worldwide.jpg

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d22088a9105fbffcbe83dab1bb5dd223de382bca10f232eaddf7d1ef51e71e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
x-content-type-options: nosniff
server: fife
etag: "vf054"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Football World Cup Contest Cheer for Your Country to Win Macbook Pro #Worldwide.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5586
x-xss-protection: 0
expires: Fri, 18 Nov 2022 12:01:38 GMT

GET
H3 200 Four%2BSquare%2BCrush%2BMini%2Bcontest.jpg
4.bp.blogspot.com/-vxW9Q0EILdk/X0TnLY3QuZI/AAAAAAAArXs/gpQQgvBOgrMfdVSc3vUvUbejNJGwFr_TQCK4BGAYYCw/w72-h72-p-k-no-nu/ 3 KB
3 KB 138ms
60ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-vxW9Q0EILdk/X0TnLY3QuZI/AAAAAAAArXs/gpQQgvBOgrMfdVSc3vUvUbejNJGwFr_TQCK4BGAYYCw/w72-h72-p-k-no-nu/Four%2BSquare%2BCrush%2BMini%2Bcontest.jpg

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e6d3f1f588616c930f21daf344c4727b785221e2b70aaeb0ae4dcad867e51fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="Four Square Crush Mini contest.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3541
x-xss-protection: 0
server: fife
etag: "vad7c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 17 Nov 2022 17:53:09 GMT

GET
H2 200 WFH_1500x350.gif
images-eu.ssl-images-amazon.com/images/G/31/IMG19/Furniture/WFH/Header/ 1 MB
1 MB 84ms
12ms Image
image/gif 2600:9000:2250:da00:1d:d7f6:39d2:2dc1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-eu.ssl-images-amazon.com/images/G/31/IMG19/Furniture/WFH/Header/WFH_1500x350.gif
Requested by: Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:da00:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 0e8f379e022326c1b0bae7255ced9cac2bd14aacd974659e7bd671883151f2da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 77680
edge-cache-tag: x-cache-828,/images/G/31/IMG19/Furniture/WFH/Header/WFH_1500x350
x-cache: Hit from cloudfront
x-nginx-cache-status: MISS
content-length: 1162903
surrogate-key: x-cache-828 /images/G/31/IMG19/Furniture/WFH/Header/WFH_1500x350
last-modified: Tue, 21 Jul 2020 11:03:42 GMT
server: Server
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=86400,public
x-amz-ir-id: 53fe2f43-26c3-4a48-aee2-d7a75cea4044
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in
x-amz-cf-id: SNvgy54VMW2F-eF8L2YWmVRmjq1Q2VGfOtatmRLlrdayapMP-_UTvQ==
expires: Thu, 17 Nov 2022 14:26:57 GMT

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 116ms
78ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 777d394a7deef366f50fb137c76d021b9aae4ca400085b2f2382698d5d2cffa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 11:04:10 GMT
server: cloudflare
age: 3437
etag: W/"dc3-5eda88c7bebd0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 76b85011ac6a911f-FRA
expires: Thu, 17 Nov 2022 12:04:19 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 129ms
39ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 11:43:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 11:43:33 GMT

GET
H2 200 1157942 Show response
adhitzads.com/ 448 B
546 B 84ms
43ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adhitzads.com/1157942
Requested by: Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b332ef1a96c34c52e537f89d5df9e43ef159e3d44d353edb735c60981c873de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0brYswh5cxd4o%2BSTJYuJXGFQFbWTY9%2FSb3i2%2FovNqMternsnMO1BoPkCTQ2EPsWz404ATm%2FCgZ%2BLQc%2Bk833h7yMuxYEXAgUpClYIG1aRSnVT36Stb5jbx0dn6UrD1xoC"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=3600, public
cf-ray: 76b85011acaa5b5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 17 Nov 2022 13:01:37 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 84 KB
29 KB 171ms
81ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 11:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30089
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 11:37:29 GMT

GET
H2 200 cookienotice.js Show response
www.fforfree.net/js/ 6 KB
2 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fforfree.net/js/cookienotice.js

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Nov 2022 10:51:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 24 Nov 2022 12:01:37 GMT

GET
H2 200 2342155703-widgets.js Show response
www.blogger.com/static/v1/widgets/ 153 KB
56 KB 51ms
46ms Script
text/javascript 2a00:1450:4001:806::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2342155703-widgets.js

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c752966435826f865df5163012e3066bd9f0339b1959098323533be261741246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 11:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56726
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 03:52:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 17 Nov 2023 11:44:08 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 141ms
140ms Stylesheet
text/css 2a00:1450:4001:806::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5101816747547580259&zx=ea6cdaa0-46ab-4b1f-9fd7-d86b720ce1f1

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Thu, 17 Nov 2022 12:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Nov 2022 12:01:37 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 image
themes.googleusercontent.com/ 42 KB
42 KB 216ms
116ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themes.googleusercontent.com/image?id=0BwVBOzw_-hbMMDZjM2Q4YjctMTY2OC00ZGU2LWJjZDYtODVjOGRiOThlMGQ3

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dc00075a2c0bfbea04d59f8fabbd0858e4547ddc8ed8104233f3d19eb67bb8f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42863
x-xss-protection: 0
expires: Fri, 18 Nov 2022 12:01:37 GMT

GET
H2 200 team-socialicons.png
4.bp.blogspot.com/-yv5OxRitVAQ/Uz1cgd6dDpI/AAAAAAAAJbE/8PS_aU1Rxkw/h25/ 10 KB
10 KB 130ms
41ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-yv5OxRitVAQ/Uz1cgd6dDpI/AAAAAAAAJbE/8PS_aU1Rxkw/h25/team-socialicons.png

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4114ecdf5d96f4e79271fa0541c464c811404186307fca09981ad363f732a0cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 11:00:03 GMT
x-content-type-options: nosniff
age: 3694
content-disposition: inline;filename="team-socialicons.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10278
x-xss-protection: 0
server: fife
etag: "v25b2"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 14 Nov 2022 00:18:25 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
17 KB 123ms
39ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fforfree.net/
Origin: https://www.fforfree.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 18:51:26 GMT
x-content-type-options: nosniff
age: 234611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 18:51:26 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
339 B 112ms
40ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LKWM90GK3S&gtm=2oeb90&_p=883580109&cid=1591039200.1668686498&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668686497&sct=1&seg=0&dl=https%3A%2F%2Fwww.fforfree.net%2F2022%2F11%2Fwin-from-1000000-prize-pool-using.html&dt=Win%20from%20%241000000%20Prize%20Pool%20Using%20Gummys%20Waitlist%20Airdrop%20%7C%20Free%20Stuff%2C%20Contests%2C%20Deals%2C%20Giveaways%2C%20Free%20Samples%20India&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LKWM90GK3S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 12:01:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fforfree.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK flping.php
lg3.media.net/ 15 B
15 B 59ms
8ms Image
text/html 23.35.236.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/flping.php?reason=0&action=16&pid=8POX2M135&gdpr=1&cid=8CULYOGT4&crid=

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=21600
Date: Thu, 17 Nov 2022 12:01:37 GMT
Server: Apache
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=59321
Connection: keep-alive
Content-Length: 15

GET
H2 200 / Show response
p3.adhitzads.com/ 642 B
660 B 62ms
51ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/?z=1157934&p=3670852124&l=https%3A//www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html&c=1
Requested by: Host: adhitzads.com
URL: https://adhitzads.com/1157934
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: fd29b4e0c034534da5c0e752a7274590e5503542d00fd66ecf09b733f8845f5b

Request headers

Referer: https://www.fforfree.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 12:01:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4K0mAzqwHQaTuHnq8SMoRje8xXRcUt1MINKOoXt%2B5Eo8MrNIWlpQLvz7QQXu%2BvO99VPFPyGZ1Of%2BM9HntmG7OpJjx64q7WQ0BI5YDAC8B6uNGIE4WDpFzwcO%2Brtqx0us57Z"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 76b850120d6b5b5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 137ms
136ms Stylesheet
text/css 2a00:1450:4001:806::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5101816747547580259&zx=ea6cdaa0-46ab-4b1f-9fd7-d86b720ce1f1

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Thu, 17 Nov 2022 12:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Nov 2022 12:01:37 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 637622a19b77d347038715gfforfree.net63609 Show response
p3.adhitzads.com/ Frame 3D97 3 KB
2 KB 88ms
43ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/637622a19b77d347038715gfforfree.net63609
Requested by: Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/?z=1157934&p=3670852124&l=https%3A//www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html&c=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cf5db85551f638836fa079f70fb11f767af1278c8d9125a0561c740b3cb361f

Request headers

Referer: https://www.fforfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=1800 private
cf-cache-status: DYNAMIC
cf-ray: 76b85012aa7f924d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 17 Nov 2022 12:01:37 GMT
expires: Thu, 17 Nov 2022 12:31:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwslQb%2F9vOADPLEsi%2FmffuVsfXqum3a410V9W8vac4fSd6j1hoJYev%2Fl9TH7p9LZiFfWF8ap5BR6QFsd4G4xNUKOPzcSrcGivMHuYtnI8wpS7iYQeUnXAWfbFu0Gwvg%2BRDgp"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 stripe.png
1.bp.blogspot.com/-dbY_VVkPODk/UJTFnJtHmyI/AAAAAAAAGe8/jiGU6WOkWSI/s12/ 340 B
365 B 114ms
39ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-dbY_VVkPODk/UJTFnJtHmyI/AAAAAAAAGe8/jiGU6WOkWSI/s12/stripe.png

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d4c5b6a9ce505adcf1ffc563f9c907d5a3d34bede0a2fc2380c478687df2af56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 09:00:57 GMT
x-content-type-options: nosniff
age: 10840
content-disposition: inline;filename="stripe.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 340
x-xss-protection: 0
server: fife
etag: "v19ef"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 16:15:44 GMT

GET
H3 200 fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/3.2.0/font/ 43 KB
43 KB 47ms
26ms Font
font/woff 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/3.2.0/font/fontawesome-webfont.woff?v=3.2.0

Requested by

Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/3.2.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netdna.bootstrapcdn.com/font-awesome/3.2.0/css/font-awesome.min.css
Origin: https://www.fforfree.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 3869024
cdn-cachedat: 2021-08-03 11:33:47
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43572
last-modified: Mon, 25 Jan 2021 22:04:51 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 68679026e644223334daa1b3cdc931a6
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 76b85012acd0bbdd-FRA
cdn-requestpullsuccess: True

GET
H3 200 5101816747547580259 Show response
www.blogger.com/comment/frame/ Frame 6A48 54 KB
16 KB 69ms
67ms Document
text/html 2a00:1450:4001:806::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment/frame/5101816747547580259?po=2928172597917634208&hl=en&blogspotRpcToken=2327324

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20b3d6d34889066fcd50eb88cb80a5087080666ab0eeec0efd5cc802ca8a2389

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KSCGbrfnHHRtOpsvmB-fLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fforfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-KSCGbrfnHHRtOpsvmB-fLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Thu, 17 Nov 2022 12:01:37 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 / Show response
p3.adhitzads.com/ 646 B
810 B 54ms
54ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/?z=1157936&p=3670852124&l=https%3A//www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html&c=2
Requested by: Host: adhitzads.com
URL: https://adhitzads.com/1157936
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: a1a69bdf9e753f0c8524e794e4bba536e6da5aba20e52b33977ab1c3b7fa89e9

Request headers

Referer: https://www.fforfree.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 12:01:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJ53B%2FLUoxCFomxB75fomDngC0HxhOO8h6cMbIiT522AyaBQIpUCkqa4ZMiucfHa0M49PLlc9Fia3bZlAsPP0TMbBb0MFzp%2F5Xuv7OeTgk5ctcsyjZogxA5dG6nM3qKdgEbO"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 76b85012ba93924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 355 KB
117 KB 158ms
74ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2070990276345347&plah=www.fforfree.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2070990276345347&host=ca-host-pub-1556223355139109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6587ac0c2edd169ec3e851e369358ef6e37792b1d3cd6ae56f948c26b4241f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119607
x-xss-protection: 0
server: cafe
etag: 11808999958306423375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 12:01:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame C4AE 10 KB
5 KB 139ms
41ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2070990276345347&host=ca-host-pub-1556223355139109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fforfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85564
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 12:15:33 GMT
etag: 10353107486223812946
expires: Wed, 30 Nov 2022 12:15:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 35ms
7ms Script
application/x-javascript 88.221.169.143
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-143.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: B402EDC6F7271ED7
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=27782
accept-ranges: bytes
content-length: 948
x-amz-id-2: 3ZiQcYtRTuh4WJ4BUq+mWoVqgQk4EdHwIkUrSZre2GxPFo/4IUZsv5aBqLknQUvSl0wjR3iM+HQ=

GET
H3 200 1PPSUHdoqwjL2VWcj6xyFKbKzkU.js Show response
p3.adhitzads.com/cdn-cgi/apps/head/ Frame 3D97 25 KB
8 KB 31ms
31ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/cdn-cgi/apps/head/1PPSUHdoqwjL2VWcj6xyFKbKzkU.js
Requested by: Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/637622a19b77d347038715gfforfree.net63609
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 065a05d12986a9e31fba40f27204e3d048315acb63e4f70b2cc7d44a6f80df3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p3.adhitzads.com/637622a19b77d347038715gfforfree.net63609
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
x-amz-version-id: HIlLEqrgQhxtvnqNOJO.wJAtVe0RPRw5
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: T8PZEEHWG8Q7P55N
age: 25573482
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 6R8ZEDL83uBA01KUsNbwOgJGk4WwpTgPfRFflwGIe65YKZM6FEfpzpqwnbVBpVd017dKuhRlgz8=
last-modified: Sat, 21 Aug 2021 07:52:28 GMT
server: cloudflare
etag: W/"0efa17b3260a0b776ab28207ab5cc303"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzq%2FJUlMtkDeA3KOwWsdAixhNF%2Fv1Qzu7qCQbV4QWMPIE%2BApnmp5uv79Os4M62KPAM%2FoXbVGzomZpXz8plNlE%2BPyEqNE%2FJne7igKCBXVMVdnowRVBn6LtOwtbJnGVPQRAOaF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76b850138c63924d-FRA

POST
H3 204 cspreport
www.blogger.com/_/BloggerCommentUi/ Frame 6A48 0
26 B 86ms
85ms Other
text/html 2a00:1450:4001:806::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/BloggerCommentUi/cspreport

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NkwNa17RQ49NQ9YtQksQtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/comment/frame/5101816747547580259?po=2928172597917634208&hl=en&blogspotRpcToken=2327324
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-NkwNa17RQ49NQ9YtQksQtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=_b,_tp,_r Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.SRCqcPcpVQA.es5.O/am=mgNAEA/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP373b-z2HJoBULgXxFLupDZ-SxIpw/ Frame 6A48 176 KB
62 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.SRCqcPcpVQA.es5.O/am=mgNAEA/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP373b-z2HJoBULgXxFLupDZ-SxIpw/m=_b,_tp,_r

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment/frame/5101816747547580259?po=2928172597917634208&hl=en&blogspotRpcToken=2327324

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea8591fe79529defd75d76e3788daae8f6f4e25b90951a86c124be2b81b34865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63386
x-xss-protection: 0
last-modified: Sat, 12 Nov 2022 11:13:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 03:39:40 GMT

GET
H3 200 637622a1b69cd164841657gfforfree.net63609 Show response
p3.adhitzads.com/ Frame FA6C 3 KB
2 KB 40ms
40ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/637622a1b69cd164841657gfforfree.net63609
Requested by: Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/?z=1157936&p=3670852124&l=https%3A//www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html&c=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 247ee3d40a1b8dcee5bbc76ca53675aeeb426a9d275689963b1ae5755429dfc4

Request headers

Referer: https://www.fforfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=1800 private
cf-cache-status: DYNAMIC
cf-ray: 76b85013acae924d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 17 Nov 2022 12:01:37 GMT
expires: Thu, 17 Nov 2022 12:31:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yq1NYPRnE19NL7zReohNARKcYEok9giCU0sqPdVwuLhp2JK7BHMLLCLdp191cXhHt9HivqlqOmrf1PGZlp4gI0xp5%2BAhF5P2tRJu4UQCPpgAlrkBTCSuBlMY%2BiIewM%2Bm5WZE"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 / Show response
p3.adhitzads.com/ 646 B
815 B 60ms
57ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/?z=1158659&p=3670852124&l=https%3A//www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html&c=3
Requested by: Host: adhitzads.com
URL: https://adhitzads.com/1158659
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 6913b814328f4d80daa2d0c46beb7fd6ceb864b8b44015bc7d2c7671bf992196

Request headers

Referer: https://www.fforfree.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 12:01:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfDQ%2Ffe5v5z%2FsSv6K6f0VATnd0f%2Bv9tWmPgudZ8yOTsaRA5Zx13Hi%2Bu6sleoNgyjIc%2BtjnPme1sDl4Gmbj1RKgZ85FvSFSKKQchQXQZDYY33kj56Hqjs08P0bmRdoDIbsan5"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 76b85013dd0e924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3D97 984 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 654054d57d0184c0f925aa8890f206bf4432243ff8a971700b55217eccbe4e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 1664560408img_ad_cmp_443315.gif
p3.adhitzads.com/s/ad_files/ Frame 3D97 1 MB
1 MB 30ms
29ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.adhitzads.com/s/ad_files/1664560408img_ad_cmp_443315.gif
Requested by: Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/637622a19b77d347038715gfforfree.net63609
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 362ddfd3e9f35df206d9797c15438d3c61578ea7112530df0afb65a89d4204b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p3.adhitzads.com/637622a19b77d347038715gfforfree.net63609
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1531773
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1348029
last-modified: Fri, 30 Sep 2022 17:53:28 GMT
server: cloudflare
etag: "63372d18-1491bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FUWp2YiQZf6UPsmqk2lv5T3s48esZ4C18cUj4vUeIuRrmn6M7kva3AmiuwSVv8VyD%2FTQalcPbdXx7qCkrEkBmmJlVAmS0F0STlz6V%2FHNaftNn7dY2sw1n3LVb8JX7xTS2HJ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 76b85013fd3b924d-FRA
expires: Tue, 29 Nov 2022 18:32:04 GMT

GET
H3 200 bannerslink.png
p3.adhitzads.com/s/ Frame 3D97 1 KB
2 KB 151ms
150ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.adhitzads.com/s/bannerslink.png
Requested by: Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/637622a19b77d347038715gfforfree.net63609
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c97c6711a3842ff47e9255b0d954eef44acb0ae4625ca9180e3f5bcde4f0f8b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p3.adhitzads.com/637622a19b77d347038715gfforfree.net63609
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2531657
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1323
last-modified: Thu, 20 May 2010 21:29:39 GMT
server: cloudflare
etag: "4bf5a9c3-52b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZBUWFYa%2FvarCzKEDY%2FLaM5He69KM6j8fiXoJeG4PAdYMVttzhWt9RF5kXT2yAcPwOleHEUv3HuDDjKBwL00af1QD0uzTOL2WU%2F815iRt68n%2B7HlUyHHf8AJ0ykWNCR%2BIMSN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 76b85013fd5a924d-FRA
expires: Fri, 18 Nov 2022 04:47:20 GMT

GET
H3 200 1PPSUHdoqwjL2VWcj6xyFKbKzkU.js Show response
p3.adhitzads.com/cdn-cgi/apps/head/ Frame FA6C 25 KB
8 KB 138ms
137ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/cdn-cgi/apps/head/1PPSUHdoqwjL2VWcj6xyFKbKzkU.js
Requested by: Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/637622a1b69cd164841657gfforfree.net63609
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 065a05d12986a9e31fba40f27204e3d048315acb63e4f70b2cc7d44a6f80df3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p3.adhitzads.com/637622a1b69cd164841657gfforfree.net63609
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
x-amz-version-id: HIlLEqrgQhxtvnqNOJO.wJAtVe0RPRw5
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: T8PZEEHWG8Q7P55N
age: 25573482
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 6R8ZEDL83uBA01KUsNbwOgJGk4WwpTgPfRFflwGIe65YKZM6FEfpzpqwnbVBpVd017dKuhRlgz8=
last-modified: Sat, 21 Aug 2021 07:52:28 GMT
server: cloudflare
etag: W/"0efa17b3260a0b776ab28207ab5cc303"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j998ZcUHoiPZW4o59bYjsjWs2nLPH7KcBlMzC0uKtSpwz%2BunCcibPvhvAw4b5q%2F5QRTsEaIM2QJudKqoOPZiac2Z2ArDAtTlAtDtLx%2BT6BnjTPOCo7Z1yGlONQgRVZYm2Na8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76b850141d80924d-FRA

GET
H3 200 invisible.js Show response
p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 4732 36 KB
15 KB 140ms
139ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1668686400
Requested by: Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e24a26a6226c0d1387f608616601f58f3020c404268cc51075c3ae620cc2021c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:37 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8dDog%2BlAFSzrTJ%2BFaVGnObCL2feckEPn4ZhGFQ7FWezoVCVK7G0pGDerL7web79w3oWFJpCGeiq0aTIdz9NbqTMQwCIQO4QSGAtfrIcFAKuLFtl8wheIh0dDvNGfQHRNRNY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76b850141d86924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 637622a1e22ea894959702gfforfree.net63609 Show response
p3.adhitzads.com/ Frame BF08 9 KB
3 KB 114ms
113ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/637622a1e22ea894959702gfforfree.net63609
Requested by: Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/?z=1158659&p=3670852124&l=https%3A//www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html&c=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5528103076c556b1198833c6155ca2f574bd9cacf118ef5fd15a155fcae6799a

Request headers

Referer: https://www.fforfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=1800 private
cf-cache-status: DYNAMIC
cf-ray: 76b850144dfa924d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 17 Nov 2022 12:01:37 GMT
expires: Thu, 17 Nov 2022 12:31:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmhWpc6wVvFZzttFFx42xaUIeijlS%2FPsLDqXq8Ei2zBE5CzRnalUe6gruJS0p%2Bdxwgh28Cf81vw0WSSGpSl39iHadvFQDpV1khYaHj6f6GI3w5QjcH4KL5%2F0DhW1dTXi5y1F"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1835.006-3.025/ 183 KB
56 KB 39ms
38ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Requested by: Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7184ab41cf778b1cf21506d80700c19163c1515a4a909e269695bf42d61da3db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 20:13:47 GMT
server: cloudflare
age: 12982
etag: W/"2dace-5ed73e0824f04"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 76b850145b11911f-FRA
expires: Sat, 17 Dec 2022 08:25:15 GMT

GET
H2 200 likebox.php Show response
www.facebook.com/plugins/ Frame 6D94 15 KB
9 KB 83ms
55ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/F4Free&width=402&height=255&colorscheme=light&show_faces=true&show_border=false&stream=false&header=false

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2932c372d614e9690d4d71b385576efd6f044d8be3f13932e057b7d8f4a3caf2

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fforfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Nov 2022 12:01:38 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: yYD2JpQHfEzYwaejKhxZ4KXCz2SZiPTNHWoLIgivdY/zDz/HklnGQ7bCLuI4kzwsrrrgpPQRY6+pQTTFkJtODg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 stripe.png
4.bp.blogspot.com/-q4rW2Nbip7c/UWxMEfkADRI/AAAAAAAAI9Y/EZG2EWr99EE/s8/ 297 B
322 B 39ms
39ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-q4rW2Nbip7c/UWxMEfkADRI/AAAAAAAAI9Y/EZG2EWr99EE/s8/stripe.png

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f181ed240d4e6ceac0664cd647edf7ea5c642f32f8e95d5ceef0eb04217d7c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 09:32:28 GMT
x-content-type-options: nosniff
age: 8949
content-disposition: inline;filename="stripe.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 297
x-xss-protection: 0
server: fife
etag: "v23db"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 12 Nov 2022 14:40:53 GMT

GET
H2 200 mr.robot.js Show response
axm.am/ 404 B
782 B 107ms
30ms Script
application/javascript 2606:4700:3037::ac43:d5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://axm.am/mr.robot.js
Requested by: Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d5af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a8f496e28814e57ddaa2474e2ae6f8a0fe45c3e01c19408d3f5213362d70cf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 20 Dec 2020 03:41:49 GMT
server: cloudflare
age: 2777
cf-polished: origSize=568
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zOLBXytCHBzYTfMMwILuqtZhNceIaD1eLNEuARkDqFAPRHyp8ZszaeIPKfnBsyJlecJz5oAWkPZjX7ADUY7YUaNaHQx5ySlH9VeyQ8ZAsrEcph7b6oMbdXeK2YrNFopjbZ%2B0gI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 76b850150cbf9042-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 / Show response
p3.adhitzads.com/ 646 B
815 B 74ms
74ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/?z=1157942&p=3670852124&l=https%3A//www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html&c=4
Requested by: Host: adhitzads.com
URL: https://adhitzads.com/1157942
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: d18b18250cdccb2800690c44057977a40ecc71a787959028c64f32b886279ad3

Request headers

Referer: https://www.fforfree.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 12:01:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZcFRWb4%2FftEced9APM%2BeWWlBGk%2FvE9Vn3aXsHh%2BmaRpnIUcqFaGxfr5pj1vC0CQkQjBh5qmbOVGfSyGbaXxbOMjy5VxoH7TNVyy3UL4DGy9JU7PBRYc3GTbzWfpgETlAAgH"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 76b850148e8d924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
463 B 87ms
49ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.fforfree.net&callback=_gfp_s_&client=ca-pub-2070990276345347&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2070990276345347&plah=www.fforfree.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0bd5d2cc88092310a7b930cac2525ceefc79a6771f323e97ddda3de4797c40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 152ms
50ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.fforfree.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 137ms
47ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.fforfree.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7940 603 B
68 B 63ms
62ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2070990276345347&output=html&adk=1812271804&adf=3025194257&lmt=1668669556&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.fforfree.net%2F2022%2F11%2Fwin-from-1000000-prize-pool-using.html&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668686497738&bpp=3&bdt=403&idt=274&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5196308042567&frm=20&pv=2&ga_vid=1591039200.1668686498&ga_sid=1668686498&ga_hid=883580109&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531705%2C44770880%2C44779077&oid=2&pvsid=1675036644218695&tmod=890533972&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=309

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fforfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Nov 2022 12:01:38 GMT
expires: Thu, 17 Nov 2022 12:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 6B2E 0
33 B 214ms
199ms Document
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3178660&wsid=0&pdom=www.fforfree.net&purl=https%3A%2F%2Fwww.fforfree.net%2F2022%2F11%2Fwin-from-1000000-prize-pool-using.html
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fforfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 76b850154d29911f-FRA
content-length: 0
date: Thu, 17 Nov 2022 12:01:38 GMT
server: cloudflare
via: 1.1 google

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
35 B 167ms
160ms Script
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3178660&wsid=0&pdom=www.fforfree.net&purl=https%3A%2F%2Fwww.fforfree.net%2F2022%2F11%2Fwin-from-1000000-prize-pool-using.html
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76b850154d2c911f-FRA
content-length: 0

GET
H2 200 gsd Show response
router.infolinks.com/ 333 B
529 B 160ms
156ms Script
text/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3178660&wsid=0&pdom=www.fforfree.net&purl=https%3A%2F%2Fwww.fforfree.net%2F2022%2F11%2Fwin-from-1000000-prize-pool-using.html&jsv=1835.006-3.025&_cb=16686864981140
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65f87e0c829aeec7d1549d22c44fdbe9040b76d140039431204d57b3ab1c59a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 12:01:38 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/javascript;charset=UTF-8
p3p: CP="NON DSP NID OUR COR"
cache-control: max-age=0
cf-ray: 76b850154d3a911f-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 kV0YAC6l6Q1.css
static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/ Frame 6D94 20 KB
6 KB 43ms
9ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/kV0YAC6l6Q1.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/F4Free&width=402&height=255&colorscheme=light&show_faces=true&show_border=false&stream=false&header=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

958a13285f4c480cc7a987e4b2f5b4139be833c4241f9749fafc9ab2837eeaa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DDTvyTjCsx8PTeT4r0qaRA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5198
x-fb-rlafr: 0
x-fb-debug: 7fhMz5YetFoyun0zLlvsqUP0hsZx/GqTNySC0uRUvA83ZqSWoUN2vsxkoDt9QPgk9cuz0ZsJJijmi5/oz5Jbwg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 16 Nov 2023 15:45:51 GMT

GET
H3 200 1PPSUHdoqwjL2VWcj6xyFKbKzkU.js Show response
p3.adhitzads.com/cdn-cgi/apps/head/ Frame BF08 25 KB
8 KB 31ms
30ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/cdn-cgi/apps/head/1PPSUHdoqwjL2VWcj6xyFKbKzkU.js
Requested by: Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/637622a1e22ea894959702gfforfree.net63609
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 065a05d12986a9e31fba40f27204e3d048315acb63e4f70b2cc7d44a6f80df3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p3.adhitzads.com/637622a1e22ea894959702gfforfree.net63609
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
x-amz-version-id: HIlLEqrgQhxtvnqNOJO.wJAtVe0RPRw5
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: T8PZEEHWG8Q7P55N
age: 25573483
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 6R8ZEDL83uBA01KUsNbwOgJGk4WwpTgPfRFflwGIe65YKZM6FEfpzpqwnbVBpVd017dKuhRlgz8=
last-modified: Sat, 21 Aug 2021 07:52:28 GMT
server: cloudflare
etag: W/"0efa17b3260a0b776ab28207ab5cc303"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyuc5tj9xgDbVK1ZxsL07qbblHWtPk4c2RdwaXQSHDYMWd30s%2FALvcE3a68wmzmBuUbXFjes3eLHoD80x1%2Bo%2BxvX6ROEUhAoDjE7D0EP8K%2B1x3OrYgyjzRMFix9GTXF%2BSCPt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76b85015686b924d-FRA

GET
DATA 200
OK truncated
/ Frame FA6C 984 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 654054d57d0184c0f925aa8890f206bf4432243ff8a971700b55217eccbe4e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 637622a20c699240123360gfforfree.net63609 Show response
p3.adhitzads.com/ Frame 7EB5 8 KB
3 KB 38ms
38ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/637622a20c699240123360gfforfree.net63609
Requested by: Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/?z=1157942&p=3670852124&l=https%3A//www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html&c=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 936498f6f387daaf63b2d72b028f7c5d8faab853e62b2be2615b25fa3bface8c

Request headers

Referer: https://www.fforfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=1800 private
cf-cache-status: DYNAMIC
cf-ray: 76b85015c90f924d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 17 Nov 2022 12:01:38 GMT
expires: Thu, 17 Nov 2022 12:31:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHTdacs%2BUvrHKubKZDkQMA1wCqCLjTT2R4q3gaxxVRBbN12WEmIJPsCGVO4PCYUgtyzDz320Y89b3S0n34f7DnxC33b4wYswjFU1MDqviWmexnrrKY9IxMPlTW4HM%2BfbiIDj"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,laz... Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.SRCqcPcpVQA.es5.O/ck=boq-blogger.BloggerCommentUi.lSgx7DIsXuw.L.B1.O/am=mgNAEA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentformif... Frame 6A48 278 KB
99 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:806::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.SRCqcPcpVQA.es5.O/ck=boq-blogger.BloggerCommentUi.lSgx7DIsXuw.L.B1.O/am=mgNAEA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP0zKsemIcaSh23tOKSBgj4Pre9L8w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,S2r0ad,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,Z5uLle,I6YDgd,xQtZb,JNoxi,kWgXee,MI6k7c,kjKdXe,MdUzUe,BVgquf,ovKuLd,hKSk3e,yDVVkb,zbML3c,zr1jrb,KG2eXe,Uas9Hd,VwDzFe,ZDqTJc,eD1YLc,A7fCU,pjICDe

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.SRCqcPcpVQA.es5.O/am=mgNAEA/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP373b-z2HJoBULgXxFLupDZ-SxIpw/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ab10c5e05718d4f60b61c1eb224e2cfc79f4965f000a75eab92f55401cc7784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101624
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 23:12:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 03:39:40 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.SRCqcPcpVQA.es5.O/ck=boq-blogger.BloggerCommentUi.lSgx7DIsXuw.L.B1.O/am=mgNAEA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRi... Frame 6A48 6 KB
3 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:806::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.SRCqcPcpVQA.es5.O/ck=boq-blogger.BloggerCommentUi.lSgx7DIsXuw.L.B1.O/am=mgNAEA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,WzT7ae,XVMNvd,Z5uLle,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP0zKsemIcaSh23tOKSBgj4Pre9L8w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8892e168a6af9402ced4fac0f964c6621e05cb699339042f1963a97caafa8cfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2804
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 23:12:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 03:39:40 GMT

GET
H3 200 1668634894img_ad_cmp_444210.gif
p3.adhitzads.com/s/ad_files/ Frame FA6C 379 KB
380 KB 34ms
34ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.adhitzads.com/s/ad_files/1668634894img_ad_cmp_444210.gif
Requested by: Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/637622a1b69cd164841657gfforfree.net63609
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b361dfac4c3b72c27b698ae99da626c46df5d974eb7920ab795f2658264e994e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p3.adhitzads.com/637622a1b69cd164841657gfforfree.net63609
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49040
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 388077
last-modified: Wed, 16 Nov 2022 21:41:34 GMT
server: cloudflare
etag: "6375590e-5ebed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2B3scAvveeh3B6wqptHEcQGXagXarBcLV87A69NxwLGPnmIxaDE0uS0Cig4ILVm9pEcDICCemB8mWfllf88JezEwExJ1c0uEvIttHmRwzu8QVO7XQOWvsJ9WBFlUSp6LJISc"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 76b85016099a924d-FRA
expires: Fri, 16 Dec 2022 22:24:18 GMT

GET
H3 200 bannerslink.png
p3.adhitzads.com/s/ Frame FA6C 1 KB
2 KB 36ms
36ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.adhitzads.com/s/bannerslink.png
Requested by: Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/637622a1b69cd164841657gfforfree.net63609
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c97c6711a3842ff47e9255b0d954eef44acb0ae4625ca9180e3f5bcde4f0f8b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p3.adhitzads.com/637622a1b69cd164841657gfforfree.net63609
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2531658
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1323
last-modified: Thu, 20 May 2010 21:29:39 GMT
server: cloudflare
etag: "4bf5a9c3-52b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ki%2FKm59wXu6yWZ6VReq5CIGACbxGAQqRtkTXzRnAMaol5AwrhK%2F7eXYSGXmwwZclShXwJEn7t8GLoeR0tznoSsI%2F%2FhqD2aWVvycRz5Vz0jjNhMuC7NAvorDt4XcmeBmVqb%2By"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 76b8501629d8924d-FRA
expires: Fri, 18 Nov 2022 04:47:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 119ms
34ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 17 Nov 2022 11:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2744
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 17 Nov 2022 13:15:54 GMT

GET
H2 200 plugin_surf_track.php Show response
www.alexamaster.net/api/v1/ 7 B
551 B 730ms
678ms XHR
text/html 2606:4700:20::6819:d60e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.alexamaster.net/api/v1/plugin_surf_track.php?id=5085
Requested by: Host: axm.am
URL: https://axm.am/mr.robot.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:d60e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 1000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8oS93D0dqwmebyQDZHl9sBtiq8vHOquPHViZWpopmQhhVNf7cQJ2rcFCftdtWXf8zkAm08E41qBCeRQ1I%2Fd525k6ZKELNOnK0COA3NgIZAayRHgYwqS4NpMbIrx9FjLMsx3mD9W%2BlIlehprwHZ4Yfk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://www.fforfree.net
content-type: text/html;charset=UTF-8
cf-ray: 76b85016bcc7bb44-FRA
access-control-allow-headers: Content-Type, Authorization, X-Requested-With

GET
H3 200 m=A4UTCb,VXdfxd,YwHGTd,i6Ko2d,pxq3x,fgj8Rb,XvDhNc,fgib1c Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.SRCqcPcpVQA.es5.O/ck=boq-blogger.BloggerCommentUi.lSgx7DIsXuw.L.B1.O/am=mgNAEA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpb... Frame 6A48 72 KB
25 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:806::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.SRCqcPcpVQA.es5.O/ck=boq-blogger.BloggerCommentUi.lSgx7DIsXuw.L.B1.O/am=mgNAEA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpbqb,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,WhJNk,Wt6vjf,WzT7ae,XVMNvd,Z5uLle,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,hhhU8,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP0zKsemIcaSh23tOKSBgj4Pre9L8w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=A4UTCb,VXdfxd,YwHGTd,i6Ko2d,pxq3x,fgj8Rb,XvDhNc,fgib1c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693a5a2a96bdfcf418995c6fe870e5b81ef76e3cb186daba01561709a00fe1c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25308
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 23:12:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 03:39:40 GMT

GET
DATA 200
OK truncated
/ Frame BF08 984 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 654054d57d0184c0f925aa8890f206bf4432243ff8a971700b55217eccbe4e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 1PPSUHdoqwjL2VWcj6xyFKbKzkU.js Show response
p3.adhitzads.com/cdn-cgi/apps/head/ Frame 7EB5 25 KB
8 KB 36ms
36ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/cdn-cgi/apps/head/1PPSUHdoqwjL2VWcj6xyFKbKzkU.js
Requested by: Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/637622a20c699240123360gfforfree.net63609
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 065a05d12986a9e31fba40f27204e3d048315acb63e4f70b2cc7d44a6f80df3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p3.adhitzads.com/637622a20c699240123360gfforfree.net63609
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
x-amz-version-id: HIlLEqrgQhxtvnqNOJO.wJAtVe0RPRw5
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: T8PZEEHWG8Q7P55N
age: 25573483
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 6R8ZEDL83uBA01KUsNbwOgJGk4WwpTgPfRFflwGIe65YKZM6FEfpzpqwnbVBpVd017dKuhRlgz8=
last-modified: Sat, 21 Aug 2021 07:52:28 GMT
server: cloudflare
etag: W/"0efa17b3260a0b776ab28207ab5cc303"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bBZgeRka9p%2FPGE%2By4mSsap%2FV4Md9LgX%2Fo4Ep4e4SSkQn4XLR5TnNHSUZWT6h4kerRk3h%2Bw6Hi3%2FJ2GOKeZE3539ynsfwweI3dReyzfy5aNQCXFX0YiKlH5cFP2IKaP9euXcI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76b850168b3a924d-FRA

GET
H3 200 up.png
3.bp.blogspot.com/-Vug8W3sF3PA/UXSMCnhg68I/AAAAAAAAI_U/OhgHbKpX8r0/s1600/ 280 B
305 B 38ms
38ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-Vug8W3sF3PA/UXSMCnhg68I/AAAAAAAAI_U/OhgHbKpX8r0/s1600/up.png

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3892194bde677d26e5378f5c0027e2a74c2f5a8ce048a199f5406e6f03a0e7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 11:30:36 GMT
x-content-type-options: nosniff
age: 1862
content-disposition: inline;filename="up.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 280
x-xss-protection: 0
server: fife
etag: "v23f6"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 19 Jul 2022 22:49:27 GMT

GET
H3 200 invisible.js Show response
p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame E617 38 KB
16 KB 29ms
28ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1668686400
Requested by: Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eedc2f9b35fcfc18d673a35bb0998501d68d96e01d864aabb82e65912d4af77

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8EmjPiYGmyZMJOXTeI%2Fd1q0Ose9TX0VSsobnUa%2Bma1zlEQoyRR4wd1xwEN2QTFwyalTdOP9HGwNkfszwPDFNmcVdSrhzLvIYQULK6wukWXz67EcnOYJdxHKwekAaPVBnCaB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76b85016ab68924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/xa-5216f78f348f6577/ 27 B
207 B 168ms
133ms Script
application/javascript 23.3.108.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/xa-5216f78f348f6577/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.3.108.146 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-108-146.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
content-encoding: gzip
cache-control: public, max-age=38, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 47
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 88 B
248 B 661ms
175ms Script
application/javascript 23.3.108.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=637622a17d8e6f33&bkl=0&bl=1&pdt=1008&sid=637622a17d8e6f33&pub=xa-5216f78f348f6577&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.fforfree.net&fp=2022%2F11%2Fwin-from-1000000-prize-pool-using.html&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=India%20Contests%2CIndia%20Free%20Stuff%2Cfree%20samples%20in%20india%2CGiveaways%2CFree%20Stuff%20in%20India%2CContests%20India%2CF4free%2Cgiveaway%20india%2CWorldwide%20Free%20Stuff%2CFree%20Stuff%20India%2CGiveaway%20India%2CGiveaways%20India%2Cfforfree&colc=1668686498368&jsl=1&uvs=637622a139b440ae000&skipb=1&callback=addthis.cbs.jsonp__5029820693453020
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.3.108.146 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-108-146.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8a4c1a9c94a568f6bd90a0b2cb5b00789e08c1492679a3f4f7071158bf771d7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 12:01:39 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 88
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 19AE 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame CE7D 71 KB
26 KB 12ms
12ms Document
text/html 23.3.108.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.3.108.146 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-3-108-146.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.fforfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Thu, 17 Nov 2022 12:01:38 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H3 200 pica.js
p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 4732 20 KB
9 KB 26ms
25ms Other
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd67c4cb6c4b151e33bb80c76ca70090dfd5516a51a0c30e28fd26926d394662

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dy6S9HGxc%2BQY4k24sqXAcwIXF3GGPmsBRs0on3I7bdaJTayizP5oPootukHy0nKofxc2wsenYbByYLVKsp47oyJ3kcjPY6dNmrnURcJeWzjYliwCYRSQvpRghLdmRsXmzUGP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76b850175cbb924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 invisible.js Show response
p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 1241 36 KB
15 KB 23ms
22ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1668686400
Requested by: Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f10c5f7547a02b6c8d0facb13a1b251c576c230f43c344b560325112a59374

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyGq7IdXt9IKwKv3qTSyFsWcu5%2F7OAlH%2Bbs16aBmFsmV2sOcYWn91Yu%2B%2BdN%2BuFl%2B5X1WPHPoyCc1FJ7VcX98IDA8t8w64gaShj%2Fr%2BKPqxRB7bJikfB6bCv0iYDimUELHoBVf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76b850176ce0924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 doq.htm Show response
rt3066.infolinks.com/action/ 3 KB
2 KB 274ms
226ms XHR
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3066.infolinks.com/action/doq.htm?pcode=utf-8&r=16686864985121
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afb456e5a898d57bc2fdafbafdce585c5aa9b662991fb07505429cf7e03b617a

Request headers

Referer: https://www.fforfree.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 12:01:38 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://www.fforfree.net
p3p: CP="NON DSP NID OUR COR"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-language: de-DE
cf-ray: 76b85018094b9be9-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 m=bm51tf Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.SRCqcPcpVQA.es5.O/ck=boq-blogger.BloggerCommentUi.lSgx7DIsXuw.L.B1.O/am=mgNAEA/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EEDORb,EFQ7... Frame 6A48 1 KB
710 B 41ms
41ms Script
text/javascript 2a00:1450:4001:806::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.SRCqcPcpVQA.es5.O/ck=boq-blogger.BloggerCommentUi.lSgx7DIsXuw.L.B1.O/am=mgNAEA/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpbqb,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,WhJNk,Wt6vjf,WzT7ae,XVMNvd,XvDhNc,YwHGTd,Z5uLle,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,fgj8Rb,gZjhIf,gychg,hKSk3e,hc6Ubd,hhhU8,i6Ko2d,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP0zKsemIcaSh23tOKSBgj4Pre9L8w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

089ba3705fbf50df482ab6c1ddf46a33b215f5f978df998d078173771874275a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 684
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 23:12:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 03:39:40 GMT

GET
DATA 200
OK truncated
/ Frame 7EB5 984 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 654054d57d0184c0f925aa8890f206bf4432243ff8a971700b55217eccbe4e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

POST
H2 200 log Show response
play.google.com/ Frame 6A48 131 B
672 B 160ms
74ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.blogger.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Nov 2022 12:01:38 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 6A48 1 KB
1 KB 149ms
52ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.SRCqcPcpVQA.es5.O/ck=boq-blogger.BloggerCommentUi.lSgx7DIsXuw.L.B1.O/am=mgNAEA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP0zKsemIcaSh23tOKSBgj4Pre9L8w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,S2r0ad,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,Z5uLle,I6YDgd,xQtZb,JNoxi,kWgXee,MI6k7c,kjKdXe,MdUzUe,BVgquf,ovKuLd,hKSk3e,yDVVkb,zbML3c,zr1jrb,KG2eXe,Uas9Hd,VwDzFe,ZDqTJc,eD1YLc,A7fCU,pjICDe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7195ba7461548fed7d173ba8ade5e39f4cb8d63e30501ef71ec5df63dd5bdf16

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 669
x-xss-protection: 1; mode=block
expires: Thu, 17 Nov 2022 12:01:38 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 113ms
41ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=883580109&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fforfree.net%2F2022%2F11%2Fwin-from-1000000-prize-pool-using.html&ul=en-us&de=UTF-8&dt=Win%20from%20%241000000%20Prize%20Pool%20Using%20Gummys%20Waitlist%20Airdrop%20%7C%20Free%20Stuff%2C%20Contests%2C%20Deals%2C%20Giveaways%2C%20Free%20Samples%20India&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=40646275&gjid=1768268951&cid=1591039200.1668686498&tid=UA-54044686-1&_gid=680255879.1668686499&_r=1&_slc=1&z=2024184779

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fforfree.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 12:01:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fforfree.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 invisible.js Show response
p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 80B0 34 KB
15 KB 28ms
28ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1668686400
Requested by: Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bef56192c4438f55e44ef5f1a4402bea3d56fb4a83ef5f53fd64b1d6fe1a9602

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Okxe3Zri4WCsoPmEW1MTzO%2BZZoPGqBebEnDKxpdTlAbgD8fWzqc6njwcjlSd8GdXkgReu0dv9lWuPCsLBKUsgjmQWb9NgQQE9YBd7ioB1b9B%2BYvzqldj8tBCfy1gqL0L0cPE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76b85018af6c924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 14 KB
5 KB 37ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

908ee2fd6b9d49f79a93871f876be4a4c157d33450fa2e81d6beb93378d58f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 17 Nov 2022 12:01:38 GMT
content-md5: /LVWbIfuUddsicafZpOBeg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4884
x-fb-rlafr: 0
x-fb-debug: gVUVKSdlIvge2mlQ0Qk8awmSvBWvP+onvLsEq/MGmhTsmG8/0cK2lQhkeLzI6TIM01S0LDLJHxipCMXYvEucJw==
x-fb-trip-id: 686109401
x-fb-content-md5: 2ac3a3ba22924d5c4ea54c81e7afdc7e
cross-origin-opener-policy: same-origin-allow-popups
etag: "dca002dd64ebd1567c183c1c61a47e04"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
priority: u=3,i
expires: Thu, 17 Nov 2022 12:19:10 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 36ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C2) /
Resource Hash: c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 17 Nov 2022 12:01:38 GMT
Content-Encoding: gzip
Age: 1043
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29221
x-amzn-internal-status: 304
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
Server: ECS (frb/67C2)
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 counter.d27508c102582d608697.js Show response
s7.addthis.com/static/ 24 KB
8 KB 12ms
11ms Script
application/javascript 23.3.108.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/counter.d27508c102582d608697.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.3.108.146 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-3-108-146.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e4f924eac92aa3cc4ea64f2891447e8bd3af49e1a5c0bcd04b7356e2f7f1c04c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 17 Nov 2022 12:01:38 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5fd2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 8265

GET
H3 200 pica.js
p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame E617 21 KB
9 KB 24ms
23ms Other
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50b13585ed21438e2a55bf0a647898c33076ee5e514fbfc93dabae5d05fbd578

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRg4NkacmaAwcOjSpbd9hpo8O4Pf%2F6LW%2Fv%2FEpyaPUOa026GdvRbRSER1nZgdxP14DAeqVcrgkI5gSEjHFXJFSHCLEIXjxvVnCVEB5hfIqIOoMSzYA2YDVbTKPf82FMSRH6AE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76b85018dfd3924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 1241 22 KB
9 KB 23ms
22ms Other
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2b59b9d801d2e0ae7f31daa67c8bde210dfdddbe578daa32c92ddf272fa8b13

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pv7tFWO6gOaKhXuOnRPBW%2Bpxk95UV7KjIJOMNfLZijMQWhi%2FTPRzPrtVC9ZoV%2F8tTxNaF6t6%2FvKBQpuo2O%2FALXX84ua%2FtziulG0lvgp0jNl2fWAkF8fc1gLxTjwWs8xc7YAa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76b85018dfe8924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 85 B
359 B 190ms
164ms Script
application/json 23.3.108.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.fforfree.net%2F2022%2F11%2Fwin-from-1000000-prize-pool-using.html&callback=_ate.cbs.sc_httpswwwfforfreenet202211winfrom1000000prizepoolusinghtml0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.3.108.146 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-3-108-146.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

8babc6251b8f7915d69560cdb0dec012baa2f04cce542f2c697cfd9340056b36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
last-modified: Thu, 17 Nov 2022 12:01:38 GMT
server: nginx/1.15.8
date: Thu, 17 Nov 2022 12:01:38 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 97

GET
H3 200 pica.js
p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 80B0 22 KB
9 KB 25ms
24ms Other
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2b59b9d801d2e0ae7f31daa67c8bde210dfdddbe578daa32c92ddf272fa8b13

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrDJhtJJ%2FkjcZHPb6zR%2BoZO9TnlL0t89VSLKjvLYi%2Fx073YCA13GoQbAYqzfhjkQmpyRgbH2kBoGd5e9kyp25Ygygb0WYhcQKzjH9kkQfHtb3x%2BL3dCtgWo%2BzrN42iG7TkyN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76b850190862924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK widget_iframe.644279d1635fd969e87af94a98bd232b.html Show response
platform.twitter.com/widgets/ Frame D3D4 320 KB
104 KB 9ms
8ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.fforfree.net
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BD) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://www.fforfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1258848
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Thu, 17 Nov 2022 12:01:38 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BD)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H3 200 / Show response
connect.facebook.net/en_US/bundle/sdk.js/ 301 KB
84 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/bundle/sdk.js/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2b21cd24845d1751ff7cc4a2932082e7dd3c74bbb8627a36b76baca6cca702ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.fforfree.net/
Origin: https://www.fforfree.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 17 Nov 2022 12:01:38 GMT
content-md5: aF1CrGbq+jcafZY0UxdJNA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86478
x-fb-rlafr: 0
x-fb-debug: oIY1s42rNhAR1qpbQmKQMJU3/66bZoYLi7BbRXorJqd59XMgqIPn56IMyYhygvoDDFBHhD8WZTdnyAnZZEkVqw==
x-fb-content-md5: d0e4a1201f787a34b8df3fbb7a3daa73
cross-origin-opener-policy: same-origin-allow-popups
etag: "310fbc6da3e32662e95609c56813ad7f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
priority: u=3,i
expires: Thu, 17 Nov 2022 12:11:47 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 63ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-54044686-1&cid=1591039200.1668686498&jid=40646275&gjid=1768268951&_gid=680255879.1668686499&_u=IADAAEAAAAAAACAAI~&z=1474071929

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fforfree.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 17 Nov 2022 12:01:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fforfree.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame D3D4 913 B
695 B 150ms
117ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=50c0a25a6650e6db0fd32d4d9a1092b43e14fa06

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.fforfree.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

54ff9917daf6f89618357ef569223a5bd81eb9ef0255509aa77167cd9ee9e458

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time: 110
date: Thu, 17 Nov 2022 12:01:38 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Thu, 17 Nov 2022 12:01:38 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: d1583460991a1212
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 1f0d8bd9f10dbc7aef00bb0ec3ba05a89719f8f36c0db07d5546e054e7cd594b
content-length: 374

GET
H2 200 in_search.js Show response
resources.infolinks.com/js/1835.006-3.025/ 223 KB
89 KB 49ms
46ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1835.006-3.025/in_search.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 858364408782a9612aca179e63cfcda6c8c64bbbebc65ec7a1dba1823d7084cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 20:13:47 GMT
server: cloudflare
age: 12879
etag: W/"37df7-5ed73e0825ea5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 76b85019bf78911f-FRA
expires: Sat, 17 Dec 2022 08:26:59 GMT

GET
H2 200 bubble.js Show response
resources.infolinks.com/js/1835.006-3.025/ 156 KB
47 KB 65ms
62ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1835.006-3.025/bubble.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 383218cb294a8a07fefa67740d966d1bef0e356d01e9fc63f4b2dc136c31f863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 20:13:47 GMT
server: cloudflare
age: 12544
etag: W/"27068-5ed73e0825ea5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 76b85019bf91911f-FRA
expires: Sat, 17 Dec 2022 08:32:34 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 370 KB
124 KB 167ms
48ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fb94cc5f4e050854cd18abcf65c8e58f62f512e141acf6b256aadbc27f1a48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126568
x-xss-protection: 0
expires: Thu, 17 Nov 2022 12:01:38 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 155ms
73ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-54044686-1&cid=1591039200.1668686498&jid=40646275&_u=IADAAEAAAAAAACAAI~&z=214269797

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 12:01:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 160ms
64ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-54044686-1&cid=1591039200.1668686498&jid=40646275&_u=IADAAEAAAAAAACAAI~&z=214269797

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 12:01:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 76b85012aa7f924d Show response
p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 4732 2 B
656 B 48ms
47ms XHR
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/cv/result/76b85012aa7f924d
Requested by: Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1668686400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 17 Nov 2022 12:01:39 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jibEwfO1wX6PmbLYrRRBeunL7mUL17svfp0bJokonqklKSxcacyeEp6C70z9iE2u9lIlH56y2NAiWZtFleemEI7W9K0MGDtuI1rH0G2YfLwXS3KTFSZ%2F6myZVCneFmaL3itE"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 76b8501c0ec2924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 76b850144dfa924d Show response
p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 1241 2 B
658 B 78ms
77ms XHR
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/cv/result/76b850144dfa924d
Requested by: Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1668686400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 17 Nov 2022 12:01:39 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rI5c8OyFyWnFfrkL%2FeuBKIqcktwc7N1AO2Ebo8vd26CeGN1UxBqZyWXebt5jdYivwVt2ENHORSt7r3InSMU236ggKpqb9WWbiR%2BXj43dDxvwBFjWiZ%2BEB8ohaMoeG87qBQ8K"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 76b8501ddad9924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 76b85015c90f924d Show response
p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 80B0 2 B
656 B 48ms
47ms XHR
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/cv/result/76b85015c90f924d
Requested by: Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1668686400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 17 Nov 2022 12:01:39 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqXrlI17UvxSd3ZeeD3hqyxX%2BOprgYQ5FfMk045NksVvI1CvHrcDcQno3aaGlVAMfhecptVc7enn3J0odFR9SeU2bUtB7hobR8rdJ%2Fzfwf2Gmwtsg3ohw9zU2%2BDFDe3MoXO%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 76b8501f3e37924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 76b85013acae924d Show response
p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame E617 2 B
664 B 62ms
62ms XHR
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/cv/result/76b85013acae924d
Requested by: Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1668686400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 17 Nov 2022 12:01:39 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3tdEirhimsOyKDvVSHxXXOC4zeH%2FfCI%2BMKpuDNYUtHvuvkKeQXe6kd3kfMVgM7DVHBVCIjh%2FQ0kHiWXlr%2BfnaY7aCGtKYQYbr1U%2BH1iolZdoP%2BjAAvnDJQYz1n8I2uZow3P"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 76b850205957924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ Frame 6A48 402 KB
161 KB 133ms
41ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c7d9c12751d4b4899b38915c41c781b4d51b8797be3f2cf6aa11783ad8f786d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
Origin: https://www.blogger.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 11:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164348
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 11:43:56 GMT

GET
DATA 200
OK truncated
/ 171 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d2fd5a42a1849ad0d820611e243fd81fe81ee767716b639ff7e88c1e9f78bb6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 getads.htm Show response
rt3066.infolinks.com/action/ 138 B
268 B 246ms
245ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3066.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22license%22%2C%22scs%22%3A%22HnDIrJNmU7%22%7D%5D&rid=80941972-a6dd-4187-bd4c-85678452b922&jsv=1835.006-3.025&sr=1600X1200&rts=1668686499934&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=107.0.5304.110&dv=p&ce=t&purl=https%3A%2F%2Fwww.fforfree.net%2F2022%2F11%2Fwin-from-1000000-prize-pool-using.html&tzo=-0000&c=c&strg=true&rsd=Kw1IM_XC9xUO0LzDVuLtOBiCREcq0qyzUyHnvjxO9iRTDnRvLp9njOCF_MV-pCaOgOAihOegedmOSsuO-6Zy6Ba9obO5WRDC-lz63W-kMYmA2qq_K0YptOyq5bdb_K36ZY4K3vZae5MIVSAGHzljFHeDxh_5GBo0Uo3ie4YR914&rsk=31&rcs=P-g59yNTZWKlE22BP_sJOg&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3213448f16d6a360d0e39ee82c9307e22a5d3cc28a4c753a69defea70a730572

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 12:01:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
content-language: de-DE
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 76b850209eda911f-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 in_text.js Show response
resources.infolinks.com/js/1835.006-3.025/ 10 KB
4 KB 35ms
35ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1835.006-3.025/in_text.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10000e50858213f4e33be0c6e50ffac69e77fe180e9aa08d4aa241273506bb91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:39 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 20:13:47 GMT
server: cloudflare
age: 10835
etag: W/"29f5-5ed73e08252ec"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 76b85020aeee911f-FRA
expires: Sat, 17 Dec 2022 09:01:04 GMT

GET
H2 200 intag_incontent.js Show response
resources.infolinks.com/js/1835.006-3.025/ 199 KB
38 KB 36ms
35ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1835.006-3.025/intag_incontent.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8794fd6664c984c074ea7c0581e0b453ad7001bbf66e57628b4ab870861563e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:39 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 20:13:47 GMT
server: cloudflare
age: 12239
etag: W/"31c49-5ed73e08256d5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 76b85020aeef911f-FRA
expires: Sat, 17 Dec 2022 08:37:39 GMT

GET
H2 200 vidice.js Show response
resources.infolinks.com/js/vidice/2.0/ 333 KB
86 KB 47ms
47ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/vidice/2.0/vidice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:39 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 09:20:02 GMT
server: cloudflare
age: 13193
etag: W/"5344d-5d6649709d511"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 76b85020bf29911f-FRA
expires: Sat, 17 Dec 2022 08:21:46 GMT

GET
H/1.1 200
OK button.d2f864f87f544dc0c11d7d712a191c1f.js Show response
platform.twitter.com/js/ 7 KB
3 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C2) /
Resource Hash: 236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 17 Nov 2022 12:01:39 GMT
Content-Encoding: gzip
Age: 1258850
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 2362
Last-Modified: Wed, 02 Nov 2022 19:36:52 GMT
Server: ECS (frb/67C2)
Etag: "7bb2d17ac20be3bd6ec1079356afecd9+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 loader.gif
resources.infolinks.com/static/skins/ 962 B
1 KB 38ms
34ms Image
image/gif 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.infolinks.com/static/skins/loader.gif
Requested by: Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:40 GMT
via: 1.1 google
cf-cache-status: HIT
age: 12382
cf-polished: origSize=1631, status=webp_bigger
content-length: 962
cf-bgj: imgq:85,h2pri
last-modified: Mon, 14 Nov 2016 12:31:03 GMT
server: cloudflare
etag: "65f-54142035d0066"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 76b850211feb911f-FRA
expires: Sat, 17 Dec 2022 08:35:18 GMT

GET
H2 200 loader-bg.png
resources.infolinks.com/static/skins/ 902 B
1 KB 41ms
41ms Image
image/webp 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.infolinks.com/static/skins/loader-bg.png
Requested by: Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ddb995fe37710a4be439e4e3f45016cd7b7ecfa3423a29e4f4f4dcce63efff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:40 GMT
via: 1.1 google
cf-cache-status: HIT
age: 11651
cf-polished: origFmt=png, origSize=1488
content-disposition: inline; filename="loader-bg.webp"
content-length: 902
cf-bgj: imgq:85,h2pri
last-modified: Mon, 14 Nov 2016 12:31:03 GMT
server: cloudflare
etag: "5d0-541420359b4a6"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 76b850211ff1911f-FRA
expires: Sat, 17 Dec 2022 08:47:29 GMT

GET
H2 200 getads.htm Show response
rt3066.infolinks.com/action/ 138 B
202 B 276ms
276ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3066.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22IL_IN_CONTENT0%22%2C%22bdc%22%3A2%2C%22prod_t%22%3A%22c%22%2C%22miw%22%3A6%2C%22maw%22%3A810%2C%22mih%22%3A12%2C%22mah%22%3A2400%2C%22capara%22%3A%22%7B%5C%22successfulAlgo%5C%22%3A%5C%22palgo%5C%22%2C%5C%22top%5C%22%3A986%2C%5C%22left%5C%22%3A188%2C%5C%22isAboveFold%5C%22%3A100%7D%22%2C%22sdata%22%3A%22email%22%2C%22scs%22%3A%2248PJsZnbbI%22%7D%5D&rid=80941972-a6dd-4187-bd4c-85678452b922&jsv=1835.006-3.025&sr=1600X1200&rts=1668686500031&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=107.0.5304.110&dv=p&ce=t&purl=https%3A%2F%2Fwww.fforfree.net%2F2022%2F11%2Fwin-from-1000000-prize-pool-using.html&tzo=-0000&c=c&strg=true&rsd=Kw1IM_XC9xUO0LzDVuLtOBiCREcq0qyzUyHnvjxO9iRTDnRvLp9njOCF_MV-pCaOgOAihOegedmOSsuO-6Zy6Ba9obO5WRDC-lz63W-kMYmA2qq_K0YptOyq5bdb_K36ZY4K3vZae5MIVSAGHzljFHeDxh_5GBo0Uo3ie4YR914&rsk=31&rcs=P-g59yNTZWKlE22BP_sJOg&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19d4271a3e3063f161006be788ad2cdfe9b338983a5784c7d16623202529ec63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 12:01:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
content-language: de-DE
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 76b850213847911f-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dcl.htm Show response
rt3066.infolinks.com/action/ 0
45 B 156ms
156ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3066.infolinks.com/action/dcl.htm?rid=80941972-a6dd-4187-bd4c-85678452b922&jsv=1835.006-3.025&capara=%7B%22mode%22%3A%22default%22%2C%22markers%22%3A1%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 12:01:40 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 76b85021384c911f-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 getads.htm Show response
rt3066.infolinks.com/action/ 136 B
200 B 214ms
213ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3066.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22IL_IN_ARTICLE0%22%2C%22bdc%22%3A3%2C%22prod_t%22%3A%22a%22%2C%22miw%22%3A6%2C%22maw%22%3A810%2C%22mih%22%3A12%2C%22mah%22%3A2400%2C%22capara%22%3A%22%7B%5C%22successfulAlgo%5C%22%3A%5C%22aapalgo%5C%22%2C%5C%22top%5C%22%3A745%2C%5C%22left%5C%22%3A188%2C%5C%22isAboveFold%5C%22%3A100%7D%22%2C%22sdata%22%3A%22die%22%2C%22scs%22%3A%22vo3UR8eCvL%22%7D%5D&rid=80941972-a6dd-4187-bd4c-85678452b922&jsv=1835.006-3.025&sr=1600X1200&rts=1668686500037&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=107.0.5304.110&dv=p&ce=t&purl=https%3A%2F%2Fwww.fforfree.net%2F2022%2F11%2Fwin-from-1000000-prize-pool-using.html&tzo=-0000&c=c&strg=true&rsd=Kw1IM_XC9xUO0LzDVuLtOBiCREcq0qyzUyHnvjxO9iRTDnRvLp9njOCF_MV-pCaOgOAihOegedmOSsuO-6Zy6Ba9obO5WRDC-lz63W-kMYmA2qq_K0YptOyq5bdb_K36ZY4K3vZae5MIVSAGHzljFHeDxh_5GBo0Uo3ie4YR914&rsk=31&rcs=P-g59yNTZWKlE22BP_sJOg&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54dc3389db625e7f7c7e132597d2cf0a8926694d58073839e78d56641c7dc9af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 12:01:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
content-language: de-DE
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 76b850214872911f-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 getads.htm Show response
rt3066.infolinks.com/action/ 141 B
207 B 202ms
201ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3066.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22IL_IN_ARTICLE1%22%2C%22bdc%22%3A4%2C%22prod_t%22%3A%22a%22%2C%22miw%22%3A6%2C%22maw%22%3A810%2C%22mih%22%3A12%2C%22mah%22%3A2400%2C%22capara%22%3A%22%7B%5C%22successfulAlgo%5C%22%3A%5C%22aapalgo%5C%22%2C%5C%22top%5C%22%3A789%2C%5C%22left%5C%22%3A188%2C%5C%22isAboveFold%5C%22%3A100%7D%22%2C%22sdata%22%3A%22internet%22%2C%22scs%22%3A%22OZME2wWIEZ%22%7D%5D&rid=80941972-a6dd-4187-bd4c-85678452b922&jsv=1835.006-3.025&sr=1600X1200&rts=1668686500038&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=107.0.5304.110&dv=p&ce=t&purl=https%3A%2F%2Fwww.fforfree.net%2F2022%2F11%2Fwin-from-1000000-prize-pool-using.html&tzo=-0000&c=c&strg=true&rsd=Kw1IM_XC9xUO0LzDVuLtOBiCREcq0qyzUyHnvjxO9iRTDnRvLp9njOCF_MV-pCaOgOAihOegedmOSsuO-6Zy6Ba9obO5WRDC-lz63W-kMYmA2qq_K0YptOyq5bdb_K36ZY4K3vZae5MIVSAGHzljFHeDxh_5GBo0Uo3ie4YR914&rsk=31&rcs=P-g59yNTZWKlE22BP_sJOg&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dba231f6519df12cf44a56859bd6093066dcafb2a0cbb933f949d943a8e167e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 12:01:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
content-language: de-DE
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 76b850214877911f-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dcl.htm Show response
rt3066.infolinks.com/action/ 0
38 B 146ms
145ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3066.infolinks.com/action/dcl.htm?rid=80941972-a6dd-4187-bd4c-85678452b922&jsv=1835.006-3.025&capara=%7B%22mode%22%3A%22default%22%2C%22markers%22%3A2%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 12:01:40 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 76b850214879911f-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK tweet_button.644279d1635fd969e87af94a98bd232b.en.html Show response
platform.twitter.com/widgets/ Frame F4F3 37 KB
14 KB 8ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C2) /
Resource Hash: e44458c2c9acea446178d73575b53255ee7ba669c33cb20cfea94b90908f921d

Request headers

Referer: https://www.fforfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1258850
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13753
Content-Type: text/html; charset=utf-8
Date: Thu, 17 Nov 2022 12:01:40 GMT
Etag: "126ffb93f08e989b18a6e1fc082c9e33+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67C2)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
150 B 120ms
118ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.fforfree.net%2F2022%2F11%2Fwin-from-1000000-prize-pool-using.html%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22publisher_handle%22%2C%22widget_creator_screen_name%22%3A%22author_handle%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1668686500050%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=50c0a25a6650e6db0fd32d4d9a1092b43e14fa06

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time: 111
date: Thu, 17 Nov 2022 12:01:39 GMT
strict-transport-security: max-age=631138519
last-modified: Thu, 17 Nov 2022 12:01:40 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 25428d79e1f11925
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 1f0d8bd9f10dbc7aef00bb0ec3ba05a89719f8f36c0db07d5546e054e7cd594b
content-length: 43

GET
DATA 200
OK truncated
/ Frame F4F3 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 1099 42 KB
22 KB 62ms
62ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=5wkpmmnbxq53

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c0db27e4556c71afdfdd26c299cd411fb4a99fe17e16dcbbf98890b3c94c898

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ta13I2Wl6vrlYBbaYy5DZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.blogger.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22155
content-security-policy: script-src 'report-sample' 'nonce-ta13I2Wl6vrlYBbaYy5DZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 17 Nov 2022 12:01:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ Frame 1099 52 KB
24 KB 117ms
39ms Stylesheet
text/css 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=5wkpmmnbxq53

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 09:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 09:50:07 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ Frame 1099 402 KB
161 KB 136ms
58ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c7d9c12751d4b4899b38915c41c781b4d51b8797be3f2cf6aa11783ad8f786d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 11:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164348
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 11:43:56 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1099 2 KB
2 KB 40ms
40ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 577291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 17 Nov 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1099 15 KB
15 KB 118ms
39ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 19:21:27 GMT
x-content-type-options: nosniff
age: 146413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Nov 2023 19:21:27 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1099 15 KB
15 KB 117ms
38ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 147712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Nov 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 1099 102 B
134 B 47ms
47ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc61703e1ce27b748ad533e812e2b242334ff3eee6dff91b2cc13d1ca35227bf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=5wkpmmnbxq53
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 17 Nov 2022 12:01:40 GMT

POST
H3 204 cspreport
www.blogger.com/_/BloggerCommentUi/ Frame CD65 0
27 B 67ms
66ms Other
text/html 2a00:1450:4001:806::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/BloggerCommentUi/cspreport

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'report-sample' 'nonce-5aTKG-wWikRol2crJvH0qQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Nov 2022 12:01:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'report-sample' 'nonce-5aTKG-wWikRol2crJvH0qQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="BloggerCommentUi"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"BloggerCommentUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/BloggerCommentUi/external"}]}
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 arlinablock.js Show response
cdn.jsdelivr.net/gh/Arlina-Design/quasar@master/ 89 KB
61 KB 63ms
28ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/Arlina-Design/quasar@master/arlinablock.js

Requested by

Host: www.fforfree.net
URL: https://www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7479748bad5793b25b90b43aec31d698a6dc56b094c4b5d26ac884bce952931c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12444
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19139-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"162b7-J7GuEbwR9hTtBO1SIcoyA3ddHw8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPcQBY50w0p8RBVeOBsX0KJPb4lc3vUZXHEVvd8zxwB7XfKotSKnCzKpPD8Sw9lbTZ7jFgwsfIpPTtDWaA9xJN8KgbzJlMHmLGXfkgz2w42C4Uo7irKrSOnDpRZk3BVxmEWJsVOrxTjE%2F5Sa7QI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 76b85025bb74913d-FRA

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 176ms
91ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3df7e53b9a28f9bdc9e3bf931d9113075aa9760b6c28d65c82a6ed0503e853e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10956
x-xss-protection: 0

GET
H3 200 like.php Show response
www.facebook.com/v2.6/plugins/ Frame FDC7 0
23 B 47ms
35ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=172525162793917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df329cc549b2fd48%26domain%3Dwww.fforfree.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.fforfree.net%252Ff1c35c792b30e5%26relation%3Dparent.parent&container_width=0&font=arial&height=25&href=https%3A%2F%2Fwww.fforfree.net%2F2022%2F11%2Fwin-from-1000000-prize-pool-using.html&layout=button_count&locale=en_US&sdk=joey&send=false&share=false&show_faces=false&width=90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/bundle/sdk.js/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fforfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Nov 2022 12:01:40 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: m3fIBmvma9QVYscujAaEvOYos3J/shN36pnePIr91XOcbLqOorNWvi5y1e48Vmp8KftJGJuAPu+BPkq5Ru0vyw==
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
48 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/Arlina-Design/quasar@master/arlinablock.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dff7d54ce96e86c2eb245775388ec5e4641e115fd2d48bbe58163abee78d8b58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49135
x-xss-protection: 0
server: cafe
etag: 2851162769413561084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 12:01:40 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 136ms
52ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Nov 2022 12:01:41 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8946 13 KB
5 KB 124ms
40ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fforfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 275
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Nov 2022 11:57:06 GMT
expires: Fri, 17 Nov 2023 11:57:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D69F 783 B
534 B 50ms
50ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d1f2f1ebeab540e9c0cd4344da7b0be68ebeec23f7fc0763ab227782b3fef94d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pGQMmbm8Y1ezBjoBE9EEZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fforfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-pGQMmbm8Y1ezBjoBE9EEZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 17 Nov 2022 12:01:41 GMT
expires: Thu, 17 Nov 2022 12:01:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D69F 0
0 74ms
74ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1675036644218695&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8946 36 KB
16 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 10:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 10:13:52 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8946 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FCNnlA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 79ms
78ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1675036644218695&bg=!-vml-b3NAAbvMpMzzzI7ACkAdvg8WnObJHs_mq1aYXaItePiKbZlIW9Gy5JTrRMeWc9-yuRdWkmXjQIAAABgUgAAAAJoAQeZApwRbbhDfnuSAnKQZXQiMLgVy3NiKlBC2zyJ_CPVxT_dZweD0pMyrG8tftuX7AtmZeHf8BSTqFimmMz0hhmyw9PKr8kUQVf-9YnSu4HrE2g8-3jxorE0FJR_ez0fWKN3DpmPPoaKb0iofw3ATjJ27G51rPp0aEQIfEFmYFPjr5KEKwzqYv6YS6UKAlI1HR5FaC86_oeH8fGyZdapHC-YuLTdEyvr33Op3PkXow9glLe6C3MbEwOoADZUZQGjF5TCTqj-p91-YuBab9U7rcQSD9cSdCXDWwOZZKCh4qxYU2kAqoPLTrXETuvwZdbHEnqPrpALBd5Glz9XvOJ5-8Y-2MRXfIrWmzT4xcN7qXE4no5bRstB9MN1DspZSkVvBBDrtUUo7WoRrVpl8p1A8LOjIrEiXh_hsnW0xQ01X2FuG8lsx5tNMZEwNhKXLzU5Z-BHNw-FNBt_oVum-4R8FLc_Fa3Lik9qEhTfVUobOMrJiIJIPSRg12kTph04E5ibVBvZE-38kXccHQMjjyWPT_CDYHoOz4GEeEgJOun0gEgcJmwwHf_sr4T9VmfrZXffnN-kxivGP7jKDFAnGTsu3iU-y9VteFZsYet_Ff3xMmElVg6faFZLbEms6NeaigI2Td_FI-44huQnsPaONpinzT7AJRj2dKUwPk4XoEPVJycSdYOzhJyCQ8Sso7hyf7ejhFMb_jVFiAJG1MMPgThTMvr-F8rFiBV34Kh3HGV9ryHeO53Go_kxNagSpRB8P812cGE0MamT48uEGZeBcb1JcAJKDNH-9loHcbwdyMNU5_eaqDhwXYiABWzx2umQ_RpEXIt0v4T0BxnaYR4pM7urlot4HGnjEdEycgGCVzWzwyQ9A8f_ClcFbJ-u4K2qwkCykw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 136ms
38ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LKWM90GK3S&gtm=2oeb90&_p=883580109&cid=1591039200.1668686498&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1668686497&sct=1&seg=0&dl=https%3A%2F%2Fwww.fforfree.net%2F2022%2F11%2Fwin-from-1000000-prize-pool-using.html&dt=Win%20from%20%241000000%20Prize%20Pool%20Using%20Gummys%20Waitlist%20Airdrop%20%7C%20Free%20Stuff%2C%20Contests%2C%20Deals%2C%20Giveaways%2C%20Free%20Samples%20India&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LKWM90GK3S
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fforfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 12:01:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fforfree.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fforfree.net/2022/11	1969-12-31 23:59:59	Name: logglytrackingsession Value: 499019b1-2634-4e6b-acb4-7c94d6a1c592
.fforfree.net/	1970-01-20 17:07:26	Name: _ga_LKWM90GK3S Value: GS1.1.1668686497.1.0.1668686497.0.0.0
.doubleclick.net/	1970-01-20 07:31:27	Name: test_cookie Value: CheckForPermission
.infolinks.com/	1970-01-20 17:07:26	Name: cuid Value: 7e4d42a9-4621-4036-a196-2096edaddb80
.fforfree.net/	1970-01-20 16:53:02	Name: __gads Value: ID=5ab44d190d6632ba-22a5f6dc43d8006b:T=1668686498:RT=1668686498:S=ALNI_MbosOOUyiWreaMMEkUk8rpyjQz1Ng
.fforfree.net/	1970-01-20 16:53:02	Name: __gpi Value: UID=00000b8290d6d704:T=1668686498:RT=1668686498:S=ALNI_MbfUILiEPcyCCmzCghBYyTfybUfSA
www.fforfree.net/	1970-01-20 17:00:14	Name: __atuvc Value: 1%7C46
www.fforfree.net/	1970-01-20 07:31:28	Name: __atuvs Value: 637622a139b440ae000
www.fforfree.net/	1970-01-20 07:41:31	Name: logedin_user Value: yes
.addthis.com/	1970-01-20 17:00:14	Name: uvc Value: 1%7C46
.fforfree.net/	1970-01-20 17:07:26	Name: _ga Value: GA1.2.1591039200.1668686498
.fforfree.net/	1970-01-20 07:32:52	Name: _gid Value: GA1.2.680255879.1668686499
.fforfree.net/	1970-01-20 07:31:26	Name: _gat_blogger Value: 1
.adhitzads.com/	1970-01-20 07:31:28	Name: __cf_bm Value: U81MhRqas46jTQA8wuZ2mHHdRQIkU2VFqh.6uWL9x7Y-1668686499-0-AQ/NCN4kmXR+sJ3TtPGcXGJszD87+vzkFOT6fAeGcTSMKgPbfCNNKhgJ+o4uzRkoiTJR1kvIWAlg7F0PmTXVdJMpfixnXTEbZaNiJQS3/Nn0rk1FCthnKBzwS1AhdQ1oCa9fPOiVChUNqaVAFn0Z4XA=
.addthis.com/	1970-01-20 17:00:14	Name: loc Value: MDAwMDBFVURFQlkyMjk3MTkwOTAwNTAwMDBDSA==

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://adhitzads.com/1157934 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://p3.adhitzads.com/?z=1157934&p=3670852124&l=https%3A//www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html&c=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://adhitzads.com/1157934 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://p3.adhitzads.com/?z=1157934&p=3670852124&l=https%3A//www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html&c=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://adhitzads.com/1157936 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://p3.adhitzads.com/?z=1157936&p=3670852124&l=https%3A//www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html&c=2, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://adhitzads.com/1157936 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://p3.adhitzads.com/?z=1157936&p=3670852124&l=https%3A//www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html&c=2, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
javascript	warning	URL: https://adhitzads.com/1158659 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://p3.adhitzads.com/?z=1158659&p=3670852124&l=https%3A//www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html&c=3, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://adhitzads.com/1158659 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://p3.adhitzads.com/?z=1158659&p=3670852124&l=https%3A//www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html&c=3, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://adhitzads.com/1157942 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://p3.adhitzads.com/?z=1157942&p=3670852124&l=https%3A//www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html&c=4, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://adhitzads.com/1157942 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://p3.adhitzads.com/?z=1157942&p=3670852124&l=https%3A//www.fforfree.net/2022/11/win-from-1000000-prize-pool-using.html&c=4, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
adhitzads.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api-public.addthis.com
axm.am
blogger.googleusercontent.com
cdn.jsdelivr.net
connect.facebook.net
contextual.media.net
fonts.gstatic.com
googleads.g.doubleclick.net
images-eu.ssl-images-amazon.com
imasdk.googleapis.com
img1.blogblog.com
img2.blogblog.com
lg3.media.net
lh3.googleusercontent.com
m.addthis.com
netdna.bootstrapcdn.com
p3.adhitzads.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
play.google.com
region1.google-analytics.com
resources.infolinks.com
router.infolinks.com
rt3066.infolinks.com
s7.addthis.com
static.xx.fbcdn.net
stats.g.doubleclick.net
syndication.twitter.com
themes.googleusercontent.com
tpc.googlesyndication.com
v1.addthisedge.com
www.alexamaster.net
www.blogger.com
www.facebook.com
www.fforfree.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
z.moatads.com
s7.addthis.com
104.244.42.200
172.66.41.9
172.66.42.247
188.114.96.3
188.114.97.3
2001:4860:4802:34::36
2001:4860:4802:38::178
23.3.108.146
23.35.236.23
2600:9000:2250:da00:1d:d7f6:39d2:2dc1
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::6819:d60e
2606:4700:3037::ac43:d5af
2606:4700::6810:5614
2606:4700::6812:acf
2a00:1450:4001:800::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::2009
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2013
2a00:1450:400c:c1b::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
88.221.168.23
88.221.169.143
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01cf911d54c9e2547560245636e9f06e22144701b8a5417d4b8a9d64d38907a4
027ed758b38095182f14c711cb1cd37f0b6c875e6af628009c74c3b0b51267c6
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
055ff8aac18e88894d9637b7b71e40388f0c79c85ac424ec1dd313654d9a202d
065a05d12986a9e31fba40f27204e3d048315acb63e4f70b2cc7d44a6f80df3f
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
089ba3705fbf50df482ab6c1ddf46a33b215f5f978df998d078173771874275a
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0d2fd5a42a1849ad0d820611e243fd81fe81ee767716b639ff7e88c1e9f78bb6
0e8f379e022326c1b0bae7255ced9cac2bd14aacd974659e7bd671883151f2da
10000e50858213f4e33be0c6e50ffac69e77fe180e9aa08d4aa241273506bb91
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
12b91cbf31131a10b1fc2aa05047c027caeac0d6e0ca5deadf418fff63d68082
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836
19d4271a3e3063f161006be788ad2cdfe9b338983a5784c7d16623202529ec63
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0db27e4556c71afdfdd26c299cd411fb4a99fe17e16dcbbf98890b3c94c898
1c7d9c12751d4b4899b38915c41c781b4d51b8797be3f2cf6aa11783ad8f786d
1cf5db85551f638836fa079f70fb11f767af1278c8d9125a0561c740b3cb361f
20b3d6d34889066fcd50eb88cb80a5087080666ab0eeec0efd5cc802ca8a2389
236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795
247ee3d40a1b8dcee5bbc76ca53675aeeb426a9d275689963b1ae5755429dfc4
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2932c372d614e9690d4d71b385576efd6f044d8be3f13932e057b7d8f4a3caf2
2b21cd24845d1751ff7cc4a2932082e7dd3c74bbb8627a36b76baca6cca702ad
2eedc2f9b35fcfc18d673a35bb0998501d68d96e01d864aabb82e65912d4af77
2fb94cc5f4e050854cd18abcf65c8e58f62f512e141acf6b256aadbc27f1a48e
3213448f16d6a360d0e39ee82c9307e22a5d3cc28a4c753a69defea70a730572
362ddfd3e9f35df206d9797c15438d3c61578ea7112530df0afb65a89d4204b6
383218cb294a8a07fefa67740d966d1bef0e356d01e9fc63f4b2dc136c31f863
3892194bde677d26e5378f5c0027e2a74c2f5a8ce048a199f5406e6f03a0e7ee
3a8f496e28814e57ddaa2474e2ae6f8a0fe45c3e01c19408d3f5213362d70cf4
3ab10c5e05718d4f60b61c1eb224e2cfc79f4965f000a75eab92f55401cc7784
3d6e48e780f8e97bf4079061eba0eff349ec2385882224ebe73b534a7d401089
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4114ecdf5d96f4e79271fa0541c464c811404186307fca09981ad363f732a0cc
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4e6d3f1f588616c930f21daf344c4727b785221e2b70aaeb0ae4dcad867e51fc
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50b13585ed21438e2a55bf0a647898c33076ee5e514fbfc93dabae5d05fbd578
54dc3389db625e7f7c7e132597d2cf0a8926694d58073839e78d56641c7dc9af
54ff9917daf6f89618357ef569223a5bd81eb9ef0255509aa77167cd9ee9e458
5528103076c556b1198833c6155ca2f574bd9cacf118ef5fd15a155fcae6799a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c5077e0a0db30b7f2a938d63fad713d38fa0cdd0dbeace68388c01afe2b07e9
6195e47d2f3ff2aa8fadc719cb73e604b168ddd94300b9ceec794fb6508b3d38
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
654054d57d0184c0f925aa8890f206bf4432243ff8a971700b55217eccbe4e3d
65f87e0c829aeec7d1549d22c44fdbe9040b76d140039431204d57b3ab1c59a7
6813c37ce5e435c4e28032f31708e09dfed30efa63c45475c1a9c85dccbe8dbd
6913b814328f4d80daa2d0c46beb7fd6ceb864b8b44015bc7d2c7671bf992196
693a5a2a96bdfcf418995c6fe870e5b81ef76e3cb186daba01561709a00fe1c0
6d99010de4ec3209a93a3ef5246bcdae2bc6d141c4759746cb6e941913e7fc8f
6f89e99efc0eea07bf14a075d710418fd34911ec489ca6a47cf210611c11b96a
710af5165eaf30a70a8ef8f60cadcce3f99f9d8b4bae6b58f768785c706c62b8
7184ab41cf778b1cf21506d80700c19163c1515a4a909e269695bf42d61da3db
7195ba7461548fed7d173ba8ade5e39f4cb8d63e30501ef71ec5df63dd5bdf16
737407b74c04b9c14f929fdc9c5e81272082c8ec3c43ce3e09814d378733b0c0
7479748bad5793b25b90b43aec31d698a6dc56b094c4b5d26ac884bce952931c
777d394a7deef366f50fb137c76d021b9aae4ca400085b2f2382698d5d2cffa1
7ab5733d8d7ee5b303129398a6f790b3c6113e9eeb9257231d33de60ab322c05
7b332ef1a96c34c52e537f89d5df9e43ef159e3d44d353edb735c60981c873de
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7e53b3769afdd8f0fa7b68676e002ed838d9a29075abe804684ad37c0b34b437
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
858364408782a9612aca179e63cfcda6c8c64bbbebc65ec7a1dba1823d7084cd
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8892e168a6af9402ced4fac0f964c6621e05cb699339042f1963a97caafa8cfe
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8a4c1a9c94a568f6bd90a0b2cb5b00789e08c1492679a3f4f7071158bf771d7a
8babc6251b8f7915d69560cdb0dec012baa2f04cce542f2c697cfd9340056b36
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
908ee2fd6b9d49f79a93871f876be4a4c157d33450fa2e81d6beb93378d58f74
936498f6f387daaf63b2d72b028f7c5d8faab853e62b2be2615b25fa3bface8c
958a13285f4c480cc7a987e4b2f5b4139be833c4241f9749fafc9ab2837eeaa9
9a493deb59fb86cc0ab0cd4accfeaa6d0ecda0bf8d9c3dfc3dcc9fa6d6ab1e25
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a168d1e996cb763f2389e5c477bf10dc46c5926893141f4717afce97dcd9986e
a1a69bdf9e753f0c8524e794e4bba536e6da5aba20e52b33977ab1c3b7fa89e9
a3df7e53b9a28f9bdc9e3bf931d9113075aa9760b6c28d65c82a6ed0503e853e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7e27a9c10ae53482c7fb2393ef68adb693bf0c904b6c91efcf0098538cf7d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
afb456e5a898d57bc2fdafbafdce585c5aa9b662991fb07505429cf7e03b617a
b2b59b9d801d2e0ae7f31daa67c8bde210dfdddbe578daa32c92ddf272fa8b13
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b361dfac4c3b72c27b698ae99da626c46df5d974eb7920ab795f2658264e994e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b8794fd6664c984c074ea7c0581e0b453ad7001bbf66e57628b4ab870861563e
bbb102718687334c9562f1048617e79c04e1a0f281aafafa919b597e4cdb0178
bc4edba7ac87e542bd6cfd4d21c94a262beb08813d386cf9e23a2a87ad78189f
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bef56192c4438f55e44ef5f1a4402bea3d56fb4a83ef5f53fd64b1d6fe1a9602
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12
c5ddb995fe37710a4be439e4e3f45016cd7b7ecfa3423a29e4f4f4dcce63efff
c752966435826f865df5163012e3066bd9f0339b1959098323533be261741246
c7f10c5f7547a02b6c8d0facb13a1b251c576c230f43c344b560325112a59374
c97c6711a3842ff47e9255b0d954eef44acb0ae4625ca9180e3f5bcde4f0f8b1
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cb0bd5d2cc88092310a7b930cac2525ceefc79a6771f323e97ddda3de4797c40
cd67c4cb6c4b151e33bb80c76ca70090dfd5516a51a0c30e28fd26926d394662
d18b18250cdccb2800690c44057977a40ecc71a787959028c64f32b886279ad3
d1f2f1ebeab540e9c0cd4344da7b0be68ebeec23f7fc0763ab227782b3fef94d
d22088a9105fbffcbe83dab1bb5dd223de382bca10f232eaddf7d1ef51e71e89
d4c5b6a9ce505adcf1ffc563f9c907d5a3d34bede0a2fc2380c478687df2af56
dba231f6519df12cf44a56859bd6093066dcafb2a0cbb933f949d943a8e167e9
dc00075a2c0bfbea04d59f8fabbd0858e4547ddc8ed8104233f3d19eb67bb8f1
dff7d54ce96e86c2eb245775388ec5e4641e115fd2d48bbe58163abee78d8b58
e24a26a6226c0d1387f608616601f58f3020c404268cc51075c3ae620cc2021c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b
e44458c2c9acea446178d73575b53255ee7ba669c33cb20cfea94b90908f921d
e4f924eac92aa3cc4ea64f2891447e8bd3af49e1a5c0bcd04b7356e2f7f1c04c
ea8591fe79529defd75d76e3788daae8f6f4e25b90951a86c124be2b81b34865
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f181ed240d4e6ceac0664cd647edf7ea5c642f32f8e95d5ceef0eb04217d7c89
f2a6ded7556d771600b4d94471cc3152af15867a3b9c75706d7a3760c981887f
f6587ac0c2edd169ec3e851e369358ef6e37792b1d3cd6ae56f948c26b4241f0
fc61703e1ce27b748ad533e812e2b242334ff3eee6dff91b2cc13d1ca35227bf
fd29b4e0c034534da5c0e752a7274590e5503542d00fd66ecf09b733f8845f5b

www.fforfree.net Open in urlscan Pro 2a00:1450:4001:830::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

152 Requests

99 %HTTPS

74 %IPv6

29 Domains

49 Subdomains

36 IPs

4 Countries

5458 kBTransfer

9718 kBSize

15 Cookies

14 Outgoing links

Redirected requests

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.fforfree.net Open in urlscan Pro
2a00:1450:4001:830::2013 Public Scan

Screenshot
Live screenshot

Full Image

152
Requests

99 %
HTTPS

74 %
IPv6

29
Domains

49
Subdomains

36
IPs

4
Countries

5458 kB
Transfer

9718 kB
Size

15
Cookies

152 HTTP transactions
6 data transactions