urlscan.io logo urlscan.io
SecurityTrails logo

getthemfree.com Open in urlscan Pro
172.67.198.47  Public Scan

Go To Rescan Add Verdict Report
URL: https://getthemfree.com/
Submission: On April 06 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 46 IPs in 2 countries across 33 domains to perform 135 HTTP transactions. The main IP is 172.67.198.47, located in United States and belongs to CLOUDFLARENET, US. The main domain is getthemfree.com.
TLS certificate: Issued by E1 on April 5th 2024. Valid for: 3 months.
This is the only time getthemfree.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 172.67.198.47 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
6 142.251.167.155 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
16 104.16.133.22 13335 (CLOUDFLAR...)
10 146.75.36.193 54113 (FASTLY)
2 104.20.95.138 13335 (CLOUDFLAR...)
6 104.17.111.223 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 3.162.8.154 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 13.225.195.74 16509 (AMAZON-02)
1 23.14.152.251 16625 (AKAMAI-AS)
2 3.162.3.126 16509 (AMAZON-02)
2 172.64.152.89 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2620:100:a001::4 19750 (AS-CRITEO)
1 34.96.70.87 ()
5 172.253.63.155 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
5 142.251.111.155 15169 (GOOGLE)
2 4 35.244.193.51 396982 (GOOGLE-CL...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 104.16.134.22 13335 (CLOUDFLAR...)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 3.161.215.181 16509 (AMAZON-02)
1 2620:100:a001::c 19750 (AS-CRITEO)
2 18.214.198.116 14618 (AMAZON-AES)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.98.64.218 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 10 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 68.67.178.10 29990 (ASN-APPNEX)
3 3 15.197.193.217 16509 (AMAZON-02)
2 2 8.28.7.83 62713 (AS-PUBMATIC)
1 69.173.151.100 26667 (RUBICONPR...)
3 3 34.111.113.62 396982 (GOOGLE-CL...)
1 2 142.251.167.156 15169 (GOOGLE)
1 1 2620:112:f008... 26120 (RHYTHMONE)
2 2 35.171.196.178 14618 (AMAZON-AES)
1 69.194.240.13 26120 (RHYTHMONE)
1 2 52.46.143.56 16509 (AMAZON-02)
2 172.253.62.100 15169 (GOOGLE)
1 142.251.111.97 15169 (GOOGLE)
1 162.19.138.83 ()
11 172.253.115.113 ()
135 46
10    172.67.198.47 (United States)

ASN13335 (CLOUDFLARENET, US)
getthemfree.com
1    2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    142.251.167.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f155.1e100.net
pagead2.googlesyndication.com
3    2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
16    104.16.133.22 (None, )

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
10    146.75.36.193 (Reston, United States)

ASN54113 (FASTLY, US)
i.imgur.com
2    104.20.95.138 (None, )

ASN13335 (CLOUDFLARENET, US)
secure.statcounter.com
c.statcounter.com
6    104.17.111.223 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
4    2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2607:f8b0:4004:c08::9b (Washington, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    3.162.8.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-8-154.yul62.r.cloudfront.net
c.amazon-adsystem.com
2    2607:f8b0:4004:c07::8a (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4004:c06::71 (Washington, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c19::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    13.225.195.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-74.yul62.r.cloudfront.net
config.aps.amazon-adsystem.com
1    23.14.152.251 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-14-152-251.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    3.162.3.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-126.yul62.r.cloudfront.net
tags.crwdcntrl.net
2    172.64.152.89 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    34.96.70.87 (None, )

ASN- ()
invstatic101.creativecdn.com
5    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
securepubads.g.doubleclick.net
3    2607:f8b0:4004:c06::84 (Washington, United States)

ASN15169 (GOOGLE, US)
af98924eabbe11dfd04de132ef8e86cd.safeframe.googlesyndication.com
5    142.251.111.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f155.1e100.net
googleads.g.doubleclick.net
4    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
3    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
pixels.ad.gt
1    104.16.134.22 (None, )

ASN13335 (CLOUDFLARENET, US)
api.demand.supply
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    3.161.215.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-215-181.yul62.r.cloudfront.net
aax.amazon-adsystem.com
1    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    18.214.198.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-198-116.compute-1.amazonaws.com
bcp.crwdcntrl.net
2    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
2    2607:f8b0:4004:c06::8b (Washington, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
10    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
p.ad.gt
ids.ad.gt
2    68.67.178.10 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
3    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    142.251.167.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f156.1e100.net
cm.g.doubleclick.net
1    2620:112:f008:200::101 (United States)

ASN26120 (RHYTHMONE, US)
d.turn.com
2    35.171.196.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-196-178.compute-1.amazonaws.com
dpm.demdex.net
1    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
2    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    172.253.62.100 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f100.1e100.net
www.google-analytics.com
1    142.251.111.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f97.1e100.net
www.googletagmanager.com
1    162.19.138.83 (None, )

ASN- ()
lb.eu-1-id5-sync.com
11    172.253.115.113 (None, )

ASN- ()
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
17 demand.supply
live.demand.supply — Cisco Umbrella Rank: 69386
api.demand.supply — Cisco Umbrella Rank: 139112
47 KB
15 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1689
a.ad.gt — Cisco Umbrella Rank: 1902
p.ad.gt — Cisco Umbrella Rank: 2058
ids.ad.gt — Cisco Umbrella Rank: 1619
pixels.ad.gt — Cisco Umbrella Rank: 2007
19 KB
15 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
256 KB
14 google.com
analytics.google.com — Cisco Umbrella Rank: 159
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 664
72 KB
10 imgur.com
i.imgur.com — Cisco Umbrella Rank: 8091
939 KB
10 getthemfree.com
getthemfree.com
92 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
af98924eabbe11dfd04de132ef8e86cd.safeframe.googlesyndication.com
188 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 303
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 629
aax.amazon-adsystem.com — Cisco Umbrella Rank: 409
s.amazon-adsystem.com — Cisco Umbrella Rank: 319
82 KB
6 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1296
lexicon.33across.com — Cisco Umbrella Rank: 1470
11 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4867
onesignal.com — Cisco Umbrella Rank: 1424
img.onesignal.com — Cisco Umbrella Rank: 8450
108 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1120
bcp.crwdcntrl.net — Cisco Umbrella Rank: 957
25 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
23 KB
4 gstatic.com
fonts.gstatic.com
168 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
336 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 496
1 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 354
1 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2814
google-bidout-d.openx.net — Cisco Umbrella Rank: 2782
490 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 230
1 KB
2 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 918
626 B
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 497
2 KB
2 statcounter.com
secure.statcounter.com — Cisco Umbrella Rank: 23105
c.statcounter.com — Cisco Umbrella Rank: 11545
14 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com
275 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 545
99 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1279
443 B
1 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 487
694 B
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 465
1 creativecdn.com
invstatic101.creativecdn.com
1 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 702
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2295
8 KB
1 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 985
id5-sync.com Failed
27 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1859
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1201
17 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
2 KB
135 33
Domain Requested by
16 live.demand.supply getthemfree.com
live.demand.supply
client
13 fundingchoicesmessages.google.com pagead2.googlesyndication.com
10 i.imgur.com getthemfree.com
10 getthemfree.com 1 redirects getthemfree.com
9 ids.ad.gt 1 redirects getthemfree.com
7 securepubads.g.doubleclick.net live.demand.supply
securepubads.g.doubleclick.net
6 pagead2.googlesyndication.com getthemfree.com
pagead2.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 lexicon.33across.com 2 redirects getthemfree.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 fonts.gstatic.com fonts.googleapis.com
4 www.googletagmanager.com getthemfree.com
www.googletagmanager.com
p.ad.gt
3 pixel.tapad.com 3 redirects
3 match.adsrvr.org 3 redirects
3 af98924eabbe11dfd04de132ef8e86cd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 onesignal.com cdn.onesignal.com
3 c.amazon-adsystem.com live.demand.supply
c.amazon-adsystem.com
2 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
2 dpm.demdex.net 2 redirects
2 cm.g.doubleclick.net 1 redirects getthemfree.com
2 image2.pubmatic.com 2 redirects
2 secure.adnxs.com 2 redirects
2 a.ad.gt cdn.hadronid.net
p.ad.gt
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 oajs.openx.net 1 redirects getthemfree.com
2 id.hadron.ad.gt cdn.hadronid.net
2 cdn-ima.33across.com getthemfree.com
securepubads.g.doubleclick.net
2 tags.crwdcntrl.net getthemfree.com
securepubads.g.doubleclick.net
2 cdn.onesignal.com getthemfree.com
cdn.onesignal.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 pixels.ad.gt p.ad.gt
1 img.onesignal.com getthemfree.com
1 sync.1rx.io getthemfree.com
1 d.turn.com 1 redirects
1 token.rubiconproject.com getthemfree.com
1 p.ad.gt a.ad.gt
1 google-bidout-d.openx.net oa.openxcdn.net
1 gum.criteo.com static.criteo.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 api.demand.supply live.demand.supply
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com getthemfree.com
1 cdn.hadronid.net getthemfree.com
1 secure.cdn.fastclick.net getthemfree.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 c.statcounter.com secure.statcounter.com
1 secure.statcounter.com getthemfree.com
1 fonts.googleapis.com getthemfree.com
0 id5-sync.com Failed cdn.id5-sync.com
135 53

This site contains links to these domains. Also see Links.

Domain
signup.getthemfree.com
sulvo.com
Subject Issuer Validity Valid
getthemfree.com
E1		 2024-04-05 -
2024-07-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2024-01-20 -
2024-12-31		 a year crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-15 -
2025-02-14		 a year crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-05 -
2025-01-03		 a year crt.sh
onesignal.com
GTS CA 1P5		 2024-04-01 -
2024-06-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
hadronid.net
GTS CA 1P5		 2024-03-31 -
2024-06-29		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2024-03-20 -
2024-06-18		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-17 -
2024-05-17		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2024-02-20 -
2024-05-20		 3 months crt.sh
id.hadron.ad.gt
E1		 2024-03-27 -
2024-06-25		 3 months crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-03-29 -
2025-04-28		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-08 -
2024-05-07		 3 months crt.sh
a.ad.gt
E1		 2024-02-12 -
2024-05-12		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
p.ad.gt
Cloudflare Inc ECC CA-3		 2023-11-09 -
2024-11-07		 a year crt.sh
ids.ad.gt
E1		 2024-03-12 -
2024-06-10		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-04 -
2025-04-03		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2023-07-18 -
2024-06-28		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
pixels.ad.gt
E1		 2024-03-12 -
2024-06-10		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2024-03-01 -
2024-05-30		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://getthemfree.com/
Frame ID: 3CB88A91A3AEFCF36ED178A1D2D665DB
Requests: 124 HTTP requests in this frame

Frame: https://af98924eabbe11dfd04de132ef8e86cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2066D4A0D9F87413086B0271F586E823
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457878580494322&output=html&adk=1812271804&adf=3025194257&lmt=1712367043&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgetthemfree.com%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&dt=1712367043490&bpp=3&bdt=564&idt=332&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=123696961357&frm=20&pv=2&ga_vid=282563199.1712367044&ga_sid=1712367044&ga_hid=1982678726&ga_fc=1&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081577%2C31082546%2C44795921%2C95329439%2C95329462%2C95329571%2C31081481%2C95321866&oid=2&pvsid=2042256077585477&tmod=1635368768&uas=0&nvt=1&fsapi=1&fc=1920&brdim=350%2C350%2C350%2C350%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=352
Frame ID: 316F00162C356399B064F59D9CBE7D62
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457878580494322&output=html&h=280&slotname=6569822962&adk=703261541&adf=3572771682&pi=t.ma~as.6569822962&w=764&fwrn=4&fwrnh=100&lmt=1712367043&rafmt=1&format=764x280&url=https%3A%2F%2Fgetthemfree.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&dt=1712367043493&bpp=2&bdt=567&idt=363&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=123696961357&frm=20&pv=1&ga_vid=282563199.1712367044&ga_sid=1712367044&ga_hid=1982678726&ga_fc=1&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=418&ady=282&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081577%2C31082546%2C44795921%2C95329439%2C95329462%2C95329571%2C31081481%2C95321866&oid=2&pvsid=2042256077585477&tmod=1635368768&uas=0&nvt=1&fc=1920&brdim=350%2C350%2C350%2C350%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=369
Frame ID: E52AA7787BE712B26FEE27CDAA8E4306
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457878580494322&output=html&h=280&slotname=9153246427&adk=3543362286&adf=47391912&pi=t.ma~as.9153246427&w=764&fwrn=4&fwrnh=100&lmt=1712367043&rafmt=1&format=764x280&url=https%3A%2F%2Fgetthemfree.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&dt=1712367043495&bpp=1&bdt=569&idt=385&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C764x280&nras=1&correlator=123696961357&frm=20&pv=1&ga_vid=282563199.1712367044&ga_sid=1712367044&ga_hid=1982678726&ga_fc=1&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=418&ady=1324&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081577%2C31082546%2C44795921%2C95329439%2C95329462%2C95329571%2C31081481%2C95321866&oid=2&pvsid=2042256077585477&tmod=1635368768&uas=0&nvt=1&fc=1920&brdim=350%2C350%2C350%2C350%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=390
Frame ID: 956BE133A87C16121FC1E4E2ABDDC88B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457878580494322&output=html&h=280&slotname=9153246427&adk=1226393271&adf=3514278603&pi=t.ma~as.9153246427&w=764&fwrn=4&fwrnh=100&lmt=1712367043&rafmt=1&format=764x280&url=https%3A%2F%2Fgetthemfree.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&dt=1712367043496&bpp=1&bdt=570&idt=401&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C764x280%2C764x280&nras=1&correlator=123696961357&frm=20&pv=1&ga_vid=282563199.1712367044&ga_sid=1712367044&ga_hid=1982678726&ga_fc=1&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=418&ady=2356&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081577%2C31082546%2C44795921%2C95329439%2C95329462%2C95329571%2C31081481%2C95321866&oid=2&pvsid=2042256077585477&tmod=1635368768&uas=0&nvt=1&fc=1920&brdim=350%2C350%2C350%2C350%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=405
Frame ID: 985D9D9DAC28E7F5835DAFC80C07C6E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457878580494322&output=html&h=280&slotname=9153246427&adk=2392330190&adf=3749224529&pi=t.ma~as.9153246427&w=764&fwrn=4&fwrnh=100&lmt=1712367043&rafmt=1&format=764x280&url=https%3A%2F%2Fgetthemfree.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&dt=1712367043497&bpp=1&bdt=571&idt=421&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C764x280%2C764x280%2C764x280&nras=1&correlator=123696961357&frm=20&pv=1&ga_vid=282563199.1712367044&ga_sid=1712367044&ga_hid=1982678726&ga_fc=1&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=418&ady=3388&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081577%2C31082546%2C44795921%2C95329439%2C95329462%2C95329571%2C31081481%2C95321866&oid=2&pvsid=2042256077585477&tmod=1635368768&uas=0&nvt=1&fc=1920&brdim=350%2C350%2C350%2C350%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=425
Frame ID: 290D9773865279EA258FBFA5E38B81DA
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=getthemfree.com
Frame ID: C0D9E8D96D006DC3E157708F8ABAA3FA
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: DF0E46ED3CB7DDA5803BDFCED8B139BC
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-adMediaV1_n-simpli.fi_rbd_n-baidu_n-Beeswax_cnv_sovrn_n-Outbrain&dcc=t
Frame ID: AEB8A8884ECF96E734D590C555DC56DD
Requests: 1 HTTP requests in this frame

Frame: https://af98924eabbe11dfd04de132ef8e86cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AA43177D89D96B4B7D18C048831B3300
Requests: 1 HTTP requests in this frame

Frame: https://af98924eabbe11dfd04de132ef8e86cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 668A9DF1D0B13A7A20285CEB716EFB25
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Get Stuff For Free Online - Get Them Free

Page URL History Show full URLs

  1. https://getthemfree.com/ Page URL
  2. https://getthemfree.com/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=15594660 HTTP 302
    http://getthemfree.com/ HTTP 307
    https://getthemfree.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Page Statistics

135
Requests

91 %
HTTPS

33 %
IPv6

33
Domains

53
Subdomains

46
IPs

2
Countries

2455 kB
Transfer

5316 kB
Size

53
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://getthemfree.com/ Page URL
  2. https://getthemfree.com/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=15594660 HTTP 302
    http://getthemfree.com/ HTTP 307
    https://getthemfree.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73
  • https://lexicon.33across.com/v1/envelope?pid=001Pg000002x0XYIAY&src=aps&ver=1.9.0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=001Pg000002x0XYIAY&src=aps&ver=1.9.0&b=1&g=U%2FSsoVzpsGMQP%2BKcGQ8U12rgemtNt6dksDEFBLl8ypU%3D
Request Chain 77
  • https://lexicon.33across.com/v1/envelope?pid=001Pg000002x0XYIAY&src=esp&ver=1.9.0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=001Pg000002x0XYIAY&src=esp&ver=1.9.0&b=1&g=zCDgvHxBAKujmK1nSyFGQTaaax4IM5J2V7FdKMFbgYk%3D
Request Chain 80
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgetthemfree.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgetthemfree.com%2F&rid=esp&cc=1
Request Chain 94
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001712367045-DAC05IDJ-9FPM&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001712367045-DAC05IDJ-9FPM%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001712367045-DAC05IDJ-9FPM&adnxs_id=6467454702009562819&gdpr=0
Request Chain 95
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001712367045-DAC05IDJ-9FPM&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001712367045-DAC05IDJ-9FPM&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=eaaad294-9533-4309-bb27-817f6f3d1234&id=AU1D-0100-001712367045-DAC05IDJ-9FPM
Request Chain 96
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001712367045-DAC05IDJ-9FPM HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001712367045-DAC05IDJ-9FPM HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=761E79A2-5107-44BC-B0BE-DD796766C5F8&id=AU1D-0100-001712367045-DAC05IDJ-9FPM
Request Chain 98
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001712367045-DAC05IDJ-9FPM&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001712367045-DAC05IDJ-9FPM%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001712367045-DAC05IDJ-9FPM&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001712367045-DAC05IDJ-9FPM%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=1040fa65-5a2e-44cb-8ff8-eb56ec9e2e84%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001712367045-DAC05IDJ-9FPM%252526tapad_id%25253D1040fa65-5a2e-44cb-8ff8-eb56ec9e2e84%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=eaaad294-9533-4309-bb27-817f6f3d1234&ttd_puid=1040fa65-5a2e-44cb-8ff8-eb56ec9e2e84%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001712367045-DAC05IDJ-9FPM%2526tapad_id%253D1040fa65-5a2e-44cb-8ff8-eb56ec9e2e84%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001712367045-DAC05IDJ-9FPM&tapad_id=1040fa65-5a2e-44cb-8ff8-eb56ec9e2e84
Request Chain 99
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001712367045-DAC05IDJ-9FPM HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001712367045-DAC05IDJ-9FPM&google_gid=CAESEMePMk1i9mC5Alv3SmdebG0&google_cver=1&google_ula=450542624,0
Request Chain 100
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001712367045-DAC05IDJ-9FPM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcxMjM2NzA0NS1EQUMwNUlESi05RlBN
Request Chain 101
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001712367045-DAC05IDJ-9FPM HTTP 302
  • https://ids.ad.gt/api/v1/amo_match?turn_id=3063437934731683584&id=AU1D-0100-001712367045-DAC05IDJ-9FPM
Request Chain 102
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001712367045-DAC05IDJ-9FPM&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001712367045-DAC05IDJ-9FPM HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001712367045-DAC05IDJ-9FPM&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001712367045-DAC05IDJ-9FPM HTTP 302
  • https://ids.ad.gt/api/v1/adb_match?adb=09726853124841323783055383026355538446&id=AU1D-0100-001712367045-DAC05IDJ-9FPM
Request Chain 104
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-adMediaV1_n-simpli.fi_rbd_n-baidu_n-Beeswax_cnv_sovrn_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-adMediaV1_n-simpli.fi_rbd_n-baidu_n-Beeswax_cnv_sovrn_n-Outbrain&dcc=t

135 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
getthemfree.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://getthemfree.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
cf-cache-status
DYNAMIC
cf-edge-cache
no-cache
cf-ray
86fe03992da5a51e-MIA
content-encoding
br
content-type
text/html
date
Sat, 06 Apr 2024 01:30:41 GMT
last-modified
Saturday, 06-Apr-2024 01:30:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xzR664cA3r0xXhMBjdOTpOpVsK%2BugRlPH%2FtwGoK9GeT%2BIeU8kPSMfdXZAiTAQOMNeivRgQCVLe7HYz%2BVOsQV%2BWAS4eWqjhVjo4DjkrNnMlspDkqDlxGgAp3WQvwXP9Miafk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request /
getthemfree.com/
Redirect Chain
  • https://getthemfree.com/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=15594660
  • http://getthemfree.com/
  • https://getthemfree.com/
69 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://getthemfree.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
bf091f26e0956a5868ecb095198d1d2c8b11707602106292c8b88de49995b1f7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86fe039b191fa51e-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 06 Apr 2024 01:30:42 GMT
link
<https://getthemfree.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2ByJuHd7zTL2TEoRAoBiDLsIjHx9bVBeuSruYbMgpnK0hqE7I64zB%2Fcw%2BWL%2F6y1ZfS2YlTnBvz36Hu93sUJQD19NEcaRzW975Iuuf6ThxuHs0NjERysBBxtswIOPwyoUd3E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.33
x-turbo-charged-by
LiteSpeed

Redirect headers

Location
https://getthemfree.com/
Non-Authoritative-Reason
HttpsUpgrades
3wmfa.css
getthemfree.com/wp-content/cache/wpfc-minified/22d19rnh/ 		111 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://getthemfree.com/wp-content/cache/wpfc-minified/22d19rnh/3wmfa.css
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c93380f71bab57d15c959a18670753a916d470527ace7beb5b119f851fcedbab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 04 Apr 2024 05:57:32 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2BigdfbDHg3X%2BcT%2BPORGYp%2FOQDzhu2iNCOLfAMOx3ZDCR8dUW7MLhNdNiE1n%2B8797dUJU41WVK32z%2B715Ye37n8wfAhVtI0dxodg3gPnBiI6vqX4bE3cvdpB%2F1Oy5zT703s%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
cf-ray
86fe03a26c0da51e-MIA
expires
max-age=A10368000, public
3wmfa.css
getthemfree.com/wp-content/cache/wpfc-minified/lcl6ktl2/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://getthemfree.com/wp-content/cache/wpfc-minified/lcl6ktl2/3wmfa.css
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b096cfae2525b059116d8b86e549bf6ae43fdcc78a90c72a3a42236d5caac52
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 04 Apr 2024 05:57:32 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pz3GQLTRsIz9tZ6ImvKSAe2Z2KYFylBudfgNr7bg2kGJwm8uIJHr3UIwiMbXipN0U%2FdnA4wr1r%2FDK4%2FLGSg1sxBJuMb21QTZlkYVn27qhoeZDgKVdhos1G7uupAJwcn90PE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
cf-ray
86fe03a26c16a51e-MIA
expires
max-age=A10368000, public
css
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dc8e02e4c8cbc847c79e57f90b4255e2d1fdc8938b8f63455eb8187f0981e6f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Apr 2024 01:30:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Apr 2024 01:02:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Apr 2024 01:30:43 GMT
3wmfa.css
getthemfree.com/wp-content/cache/wpfc-minified/1r0ip8ti/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://getthemfree.com/wp-content/cache/wpfc-minified/1r0ip8ti/3wmfa.css
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc7851d85e3a071b8ebfe213f2eb716ade4ac37424fb1acc303d8f94042015e6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 04 Apr 2024 05:57:32 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TjqjbSWMnliPLJEXQPzqkwS%2F6ACVVrP3IR7YTpaO9n%2FTsxx%2B0dt%2FZvNMuMDDaAL8HJSGXJBDu%2BJiE52AMdqvfNE0FXHAR3HY20w2d%2BI6gI8p3cyt3YHCH1CmJ6LHS157EPw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
cf-ray
86fe03a26c19a51e-MIA
expires
max-age=A10368000, public
3wmfa.js
getthemfree.com/wp-content/cache/wpfc-minified/jlwbvapj/ 		99 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getthemfree.com/wp-content/cache/wpfc-minified/jlwbvapj/3wmfa.js
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3ad907e499584dd836b99d39ab55cd0d83a3e2e2c3029a2ac2f8cb757bb1db6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 04 Apr 2024 05:57:32 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2F0XJZE36YPfGqle5mqySLe%2B8WQpHnvpnf9dq0f3Bw9bTaYJcKIzSPdRKnTX6AT0NOkkjBUcfR3hlzoAQMnWQCAmQ5dWbQNBqcECjwq%2BmviOp%2B5umCNwkE11OljOQy4fTdU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
cf-ray
86fe03a26c1ca51e-MIA
expires
max-age=A10368000, public
3wmfa.js
getthemfree.com/wp-content/cache/wpfc-minified/8z2kdpvk/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getthemfree.com/wp-content/cache/wpfc-minified/8z2kdpvk/3wmfa.js
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47c1a4540623d2e00f1e4922f331b9aaf09b4da9b3a0ee3339a5793dd062fc0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 04 Apr 2024 05:57:32 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FkI6vATJoeKvB5EA28iFXWCJTHFxJQozQ%2BENgjLM7%2B%2B2EQVv11vqgcajh6WYGugGlQDA0jbaEPab5Z%2F9uhqlp%2BAbOQjpp4a%2FdQHWbzRsTsVXw00G2kE1LQiKBJcwQ43Z4e0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
cf-ray
86fe03a26c1da51e-MIA
expires
max-age=A10368000, public
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
0eef34c4edfb01eeb5ddb3c6e4126066bfffbc17dbcd4a5d5c28987abbe1400e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50835
x-xss-protection
0
server
cafe
etag
8042407644252369173
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 06 Apr 2024 01:30:43 GMT
js
www.googletagmanager.com/gtag/ 		255 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-18RX439ERZ
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a2bfecfe18c5752df616d64c3e0e8e909d26f168e9b764778d70d4f5771092ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91521
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Apr 2024 01:30:43 GMT
js
www.googletagmanager.com/gtag/ 		198 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-109750086-4
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fef220df8fc6b0e5b86f10511750a9e03d5ab1de896a1bc4519f860d0683fc75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73370
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Apr 2024 01:30:43 GMT
up.js
live.demand.supply/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68420f584eab089b657ad902b4749ab0a21a6731f50b636f48be68143dc09bd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HTRAY7GZ92AXWB7SH4VAC7CX
date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
age
354
cf-polished
origSize=10824
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"b0261feb8721dd850a4b130c7d564960-ssl-df"
cache-status
"Netlify Edge"; hit
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
86fe03a2ac57a4e6-MIA
link
<https://live.demand.supply/impl.v17.30.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-24-0/Z2V0dGhlbWZyZWUuY29tLw==>; rel=preload; as=script
timing-allow-origin
*
cropped-head.jpg
getthemfree.com/wp-content/uploads/2016/08/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://getthemfree.com/wp-content/uploads/2016/08/cropped-head.jpg
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88ce1658ba2be3aff3ee7f42554d9ee76bcc30bcc037343bb1b81de28d4fde55
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
16655
last-modified
Sun, 14 Aug 2016 05:20:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yC9tGtee4zEyiGxKdvUnWyxUL1mfQJr2%2BpqXFxXzknEqYyvASCxcZyNdpSKBQenDA6RRFgPDi5JsVJm%2Bbsyt3nGbQmNFEd1zj7kgQRDEnRNN8hogSLJhFJuSrKYSe%2FlWCsU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
86fe03a26c1fa51e-MIA
expires
max-age=A10368000, public
U8mcVu1.png
i.imgur.com/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/U8mcVu1.png
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
35dbe43884ae9399e35f22ff0e1aa7ba4ae61266351b591bacaf8393be7f873f
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
MIA3-C4
age
1944286
x-cache
Miss from cloudfront, HIT
content-length
10939
x-served-by
cache-iad-kcgs7200027-IAD
last-modified
Tue, 27 Feb 2018 01:10:01 GMT
server
cat factory 1.0
x-timer
S1712367043.077117,VS0,VE2
etag
"c49a82382fef3eabcbb35c81e3832066"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
uOW9sG3IrAHKUGpbaPMWkr0JIxdlgIQhZu8_W4IQB4cFv7zH3aXuww==
x-cache-hits
1
19xnbNz.gif
i.imgur.com/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/19xnbNz.gif
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
ed957d4626abb7a1f34c1842566c2d09eacd7764f1c7be7bb09f5db5afcbd6de
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD61-P2
age
2722157
x-cache
Miss from cloudfront, HIT
content-length
31471
x-served-by
cache-iad-kcgs7200027-IAD
last-modified
Tue, 27 Feb 2018 03:21:57 GMT
server
cat factory 1.0
x-timer
S1712367043.142604,VS0,VE5
etag
"a7c931365df738d63c3fb3a28986f788"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
eV28gMlvwWZzq_XUGIhEnUDUF63ksAqrE9ju7ywjXOCyDbZUw3jg0w==
x-cache-hits
1
UnVF9hF.png
i.imgur.com/ 		290 KB
290 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/UnVF9hF.png
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
08780e374b41f3c8d8bdffdc9f54643c85bfbfea42232d082a9d714ac6f614bd
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
69343
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
296630
x-served-by
cache-iad-kcgs7200027-IAD
last-modified
Fri, 05 Apr 2024 06:13:33 GMT
server
cat factory 1.0
x-timer
S1712367043.076456,VS0,VE9
etag
"2860a009770e87daa69fa6cea8fcf426"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
OP6QdPFPhag7654jBLksin1yaGt4AQBMkdG2QdiyF2KNobsyZk5GpQ==
x-cache-hits
1
Sy5XHq9.png
i.imgur.com/ 		274 KB
275 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/Sy5XHq9.png?g
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
52eeddca070a378eff31e61eed1f2f9c4068550af86bad3cfde565c07d933ea3
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
69430
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
281025
x-served-by
cache-iad-kcgs7200027-IAD
last-modified
Fri, 05 Apr 2024 06:13:34 GMT
server
cat factory 1.0
x-timer
S1712367043.211994,VS0,VE3
etag
"caf7ef3a577bb6f0ff7bf47e226675a6"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
W2sGmmySBeC2xke_ce9s9lLizC6vVwYEpNhmVS5e7apWVz874eQogw==
x-cache-hits
1
CuBoYg6.png
i.imgur.com/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/CuBoYg6.png
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
6ba4994619bacb4023ca637093fb78a7a5bf7c915443d5e358b1646a36ca5253
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
1934912
x-cache
Miss from cloudfront, HIT
content-length
3416
x-served-by
cache-iad-kcgs7200027-IAD
last-modified
Sun, 16 Jun 2019 19:15:21 GMT
server
cat factory 1.0
x-timer
S1712367043.220569,VS0,VE3
etag
"3d0a89d933c34a52e8402891c954b603"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
zd6e2xoIChgM0wVeGCapklmMeUud7Jx1jTt-NEkpdWs-dBah2rdSAA==
x-cache-hits
1
counter.js
secure.statcounter.com/counter/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.statcounter.com/counter/counter.js
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
163f56b3b6e604ea7f6aae49c6f6069fc9626233680d09d8a1034440d93d4ac4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 04 Apr 2024 12:17:24 GMT
server
cloudflare
age
36744
etag
W/"660e9a54-8c64"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
86fe03a4687309ae-MIA
expires
Sat, 06 Apr 2024 03:18:19 GMT
navigation.js
getthemfree.com/wp-content/themes/twentytwelve/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getthemfree.com/wp-content/themes/twentytwelve/js/navigation.js?ver=20140711
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee2142d2d84e169a6f92e80040206a8ec7e7cd466fa0f131aee972c4ff512a78
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 18 Jan 2021 04:05:10 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6IO8YH%2FWjjk2iLTE%2BIuDbcXep51qhm6UnkhkcLVTqZXK8Di2cIT%2Faq8bRPCOpsHRCGaTFwqAKQ6gDbcISEqCdgsTyxj%2FJD%2FD0MiR%2FTb8cF2uzEaHv2yEo%2BKg%2FTGATG%2B1xV8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
cf-ray
86fe03a40e55a51e-MIA
expires
max-age=A10368000, public
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1483
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
86fe03a46ecb748b-MIA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Tue, 09 Apr 2024 01:30:43 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://getthemfree.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 07:42:46 GMT
x-content-type-options
nosniff
age
236877
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Apr 2025 07:42:46 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://getthemfree.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 08:03:57 GMT
x-content-type-options
nosniff
age
235606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50296
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:10:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Apr 2025 08:03:57 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://getthemfree.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 19:38:41 GMT
x-content-type-options
nosniff
age
21122
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24984
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:04:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Apr 2025 19:38:41 GMT
Rx793Jm.jpg
i.imgur.com/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/Rx793Jm.jpg?g
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
514ae0bec3cdce13932a24325f6b140a60659443940bfdeee8329b5833dfeed0
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
751867
x-cache
Miss from cloudfront, HIT
content-length
55336
x-served-by
cache-iad-kcgs7200027-IAD
last-modified
Wed, 24 Jul 2019 20:56:19 GMT
server
cat factory 1.0
x-timer
S1712367043.244763,VS0,VE2
etag
"d01403859fed5e8f7872dbc2d085d386"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
q5Hp9o89pS9zsQXa-iUwoSQOzZ7edXjCah3fcGhd6n_O-TBDckVQIQ==
x-cache-hits
1
sMLMXVv.png
i.imgur.com/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/sMLMXVv.png?g
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
72e392b667e641122a7ee134d02b734093a8273640121ac968118595a6ca4a6b
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
70939
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
100433
x-served-by
cache-iad-kcgs7200027-IAD
last-modified
Fri, 05 Apr 2024 05:48:24 GMT
server
cat factory 1.0
x-timer
S1712367043.245873,VS0,VE3
etag
"6cc72e0af4dcfdb949bd12762d99cc8f"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Lv3AFz819x2dtTZlZGPy0sd19J834-hGNJYGe2Qs2Z9EkBKEUj1mpA==
x-cache-hits
1
RYoDIU1.jpg
i.imgur.com/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/RYoDIU1.jpg?g
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
fba67d08e60f2178d9725dc3cb7a1b7106b1a1831ae66543e2ccc27cd81e95b9
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
332197
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
69486
x-served-by
cache-iad-kcgs7200027-IAD
last-modified
Fri, 24 Mar 2023 05:11:03 GMT
server
cat factory 1.0
x-timer
S1712367043.245369,VS0,VE3
etag
"c68283029e06a1d5d889294605856549"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
uGvUn4LUJ4Uo8QncJRcu2XHgb_E3XgWEOjXN9m8tEZ6vemASO_WYWg==
x-cache-hits
1
bDctcR2.jpg
i.imgur.com/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/bDctcR2.jpg?g
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
69e7e4728a3be58f64bae22c06c2d0daef329647c7c50cdce7fb5a49252cc7e1
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
356025
x-cache
Miss from cloudfront, HIT
content-length
59148
x-served-by
cache-iad-kcgs7200027-IAD
last-modified
Tue, 18 Aug 2020 10:31:53 GMT
server
cat factory 1.0
x-timer
S1712367043.245874,VS0,VE2
etag
"8036fe6d689d79cdf59fe2968856c46a"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
DhsuKDf95cbFBYpyF6LeQ7iQeyBzwjVtxq-Xw_-sY1QiQ7lcV-avjg==
x-cache-hits
1
EBlqDlT.jpg
i.imgur.com/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/EBlqDlT.jpg?g
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
58e65983c7ef4426dc8e721f57d5655fb1d1c2813ab048899bfc65c2619174b2
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
52304
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
50702
x-served-by
cache-iad-kcgs7200027-IAD
last-modified
Thu, 04 May 2023 22:30:13 GMT
server
cat factory 1.0
x-timer
S1712367043.245285,VS0,VE3
etag
"7d473a70c60eb6fa4530ac19273f22e8"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
9Ajlw35-U8QvKk5ed4yjMp5uxbZxSt8tB-hCVFbDdjzEaiGm1CFuSw==
x-cache-hits
1
impl.v17.30.0.js
live.demand.supply/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/impl.v17.30.0.js
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25cb3f54ef0953d30039c1189b90187639aa607db69acc4d247f77ac81191382
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HRWM4DP3APY1551MCRVR38HE
date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
age
2009419
cf-polished
origSize=90386
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"6fdb4fd45ffe4cd8c38c39ec9472a221-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
86fe03a45efba4e6-MIA
Z2V0dGhlbWZyZWUuY29tLw==
live.demand.supply/p4/v17-24-0/ 		544 B
508 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v17-24-0/Z2V0dGhlbWZyZWUuY29tLw==
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
979c609807875125b8ec1db7f4414a378a9e29c0dd8184bf7653a7ae52eca2c2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
86fe03a45effa4e6-MIA
alt-svc
h3=":443"; ma=86400
e.js
live.demand.supply/e/ 		0
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?e=ll&d=313&cs=c&dsReferer=Z2V0dGhlbWZyZWUuY29tLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HRWM8KC4B7J77MEH1A4GHZ4J
date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
705376
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
cache-status
"Netlify Edge"; fwd=stale
etag
"fbee6989874cef86694d7a2d31af072a-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
86fe03a48bec4954-MIA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3185566f6af213fbc25952c158e163b424487337504166d169d84e3e439584e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29524
x-xss-protection
0
server
cafe
etag
66 / 19819 / m202404020101 / config-hash: 7795631271343578687
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 01:30:43 GMT
ds.2.html
live.demand.supply/ 		413 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HRWHAQVE5J15B04D4K3TS10Z
date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
713493
cache-status
"Netlify Edge"; hit
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
86fe03a48beb4954-MIA
alt-svc
h3=":443"; ma=86400
apstag.js
c.amazon-adsystem.com/aax2/ 		298 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.8.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-8-154.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f2ef1a173106efc9f1e2048ee2a1f0ecac78e166a57e83128776f565312357e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:12:55 GMT
content-encoding
gzip
via
1.1 22e9d361a9c4153886c1c8aa0eb4ffa8.cloudfront.net (CloudFront), 1.1 212f3832d7f59d71fd3926166fcc89ae.cloudfront.net (CloudFront)
last-modified
Mon, 25 Mar 2024 17:06:15 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, YUL62-P2
age
1069
x-amz-server-side-encryption
AES256
etag
W/"b9e5bc6ae2304c1ff623d74c6e93fe00"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
6qYch1X1xfESj0AphyXm7SrqpTh04-lt0HfbKBA8KFYnszXb9Pi_dA==
uamp.1.json
live.demand.supply/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/uamp.1.json?&dsReferer=Z2V0dGhlbWZyZWUuY29tLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HRWB6BB9KNQBZ2QBJSSME09D
date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
828741
cache-status
"Netlify Edge"; hit
etag
W/"fb2d66ba4cc9ceaebfe17a5d08cbe63d-ssl-df"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
86fe03a48be84954-MIA
alt-svc
h3=":443"; ma=86400
t.php
c.statcounter.com/ 		192 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=11073881&u1=4AB6111D09234FC1CED98D035105D46F&java=1&security=f9d6b577&sc_snum=1&sess=21e3ea&p=0&pv=10&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=800&h=600&camefrom=&u=https%3A//getthemfree.com/&t=Get%20Stuff%20For%20Free%20Online%20-%20Get%20Them%20Free&invisible=1&sc_rum_e_s=1677&sc_rum_e_e=1683&sc_rum_f_s=0&sc_rum_f_e=1674&get_config=true
Requested by
Host: secure.statcounter.com
URL: https://secure.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://getthemfree.com
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
86fe03a4c8cf09ae-MIA
expires
Mon, 26 Jul 1997 05:00:00 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
419
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
86fe03a4ff97748b-MIA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Tue, 09 Apr 2024 01:30:43 GMT
web
onesignal.com/api/v1/sync/bd69a517-9eeb-402d-ad10-9ed664b9ebd7/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/bd69a517-9eeb-402d-ad10-9ed664b9ebd7/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58274c5b2e55bb32d59bbd649ae6e3a4369e8e479b17a0b2c763abb09b8cb0fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
1880
cf-polished
origSize=3427
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
363447d4-f54b-4fbd-8d34-0c3e17202133
x-runtime
0.036287
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"039d3743eab3e322b34d9cbde07614f1"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
86fe03a5b8cf748b-MIA
access-control-allow-headers
SDK-Version
expires
Sat, 06 Apr 2024 02:30:43 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b0dab5300943d98f4f20de9d48a49e0186441f6fb8b5e95a9635a30c0b60e72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://getthemfree.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:31:30 GMT
x-content-type-options
nosniff
age
17953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47136
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:04:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Apr 2025 20:31:30 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
878a4f1b47e555c54778a38536f458ff0176f3f9c6f0e2764c2c0dd081c86efa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140988
x-xss-protection
0
server
cafe
etag
11452425304616282348
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 01:30:43 GMT
getthemfree.com_728x90_sticky_display_bottom_get_sticky_desktop_12-1-22
live.demand.supply/cp/ 		30 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/getthemfree.com_728x90_sticky_display_bottom_get_sticky_desktop_12-1-22?mlcu=b5ed889a-92dc-4713-ac3b-8c777f1c5535&mlos=wi&mlbr=ch&mlla=en&dsReferer=Z2V0dGhlbWZyZWUuY29tLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.30.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6ec41b2408ba46a257150e2e6ea7389e1c3ddff49bc0db821f62b371f5cc4a5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
86fe03a60d7e4954-MIA
alt-svc
h3=":443"; ma=86400
content-length
30
e.js
live.demand.supply/x/ 		0
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=Z2V0dGhlbWZyZWUuY29tLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.30.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HRWB4BN3HCM76XXFR6P9BV2F
date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
716834
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"f64ad3fd16c8a1f2616df5990f49ab19-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
86fe03a60d7f4954-MIA
js
www.googletagmanager.com/gtag/ 		255 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-18RX439ERZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109750086-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f6050e54c0c05177678a800112feb5049ed12498e467459e9f6690fdbe641163
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91569
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Apr 2024 01:30:43 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109750086-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 Apr 2024 00:48:27 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2536
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 06 Apr 2024 02:48:27 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/ 		440 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62160f8005b05333e788cdc838dcddedf2039a7f8084ab5926d11651b4bcdd84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 00:51:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
2333
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141128
x-xss-protection
0
server
cafe
etag
1320909909656752868
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 06 Apr 2025 00:51:50 GMT
collect
analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-18RX439ERZ&gtm=45je4430v9106563560za200&_p=1712367043188&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=282563199.1712367044&ul=en-us&sr=800x600&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1712367043&sct=1&seg=0&dl=https%3A%2F%2Fgetthemfree.com%2F&dt=Get%20Stuff%20For%20Free%20Online%20-%20Get%20Them%20Free&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1982
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-18RX439ERZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 01:30:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://getthemfree.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-18RX439ERZ&cid=282563199.1712367044&gtm=45je4430v9106563560za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-18RX439ERZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 01:30:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://getthemfree.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
66ef05f7-ad53-48f6-873a-ac7543370392
config.aps.amazon-adsystem.com/configs/ 		563 B
831 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/66ef05f7-ad53-48f6-873a-ac7543370392
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-74.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
70cd8bae6ecc9925627d5ce7a3fbfdc4ac91e7a15918fdd359d71237d225e2b4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 00:35:29 GMT
via
1.1 483c6b691461cafe6d23d15d609dc486.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C1
age
3314
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
PFC71dE2VJlqkju5ZHcX6Izw0KZbe-B-VraqEq_fZpVbEIck-F7IPQ==
config
c.amazon-adsystem.com/cdn/prod/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fgetthemfree.com&pubid=66ef05f7-ad53-48f6-873a-ac7543370392
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.8.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-8-154.yul62.r.cloudfront.net
Software
Server /
Resource Hash
23452e808e2b39a7c40341c31c2a707a3be2cfbe44800baa75f3dba415f12fcb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 22:01:52 GMT
via
1.1 212f3832d7f59d71fd3926166fcc89ae.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P2
age
12530
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://getthemfree.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2956
x-amz-cf-id
GWefJrwWTGNc6zY73fegwYiYLA1bgM1J4LBZqSFgejOJ08n984a5xw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.8.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-8-154.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 8b37208e69f78eef4dd958de00423132.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
xPr1WwKKB_Kok_WA7KjQyBmGbNPbDc14UOdC0lEEZ7m465FrgId2Kw==
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
418
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
86fe03a6fae7748b-MIA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 06 May 2024 01:30:43 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.14.152.251 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-14-152-251.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sat, 06 Apr 2024 01:45:44 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-126.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:08:17 GMT
content-encoding
gzip
via
1.1 726979f71f252186e97d38202269f636.cloudfront.net (CloudFront)
last-modified
Wed, 14 Feb 2024 17:39:34 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P2
age
30148
etag
W/"0f107a0e7753aa69cd07ded21852408c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
EXGqhCxhtzVnqaR5czst5gHD2D9utfuWJD2hHIXxqnF79GXu-uNH2Q==
ima.js
cdn-ima.33across.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb8e4c9428bd82ff15d02b527e9dad30aefef0efe0516ac202dbb8f1b8e320f7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Mar 2024 17:01:51 GMT
server
cloudflare
age
197677
etag
W/"65fb167f-37c8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
86fe03a7cd397487-MIA
expires
Tue, 09 Apr 2024 01:30:43 GMT
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgetthemfree.com%2F&ref=&_it=amazon&partner_id=575
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ddd96839c08e8cbdd3b1f56569b6d4770021731534b98dd17dec8526bb0d151

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Mar 2024 15:57:22 GMT
server
cloudflare
x-amz-request-id
GPA71GZPJYF3GMCR
age
17
etag
W/"4f8d7eccb8b77bff110a91871ebadcc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
86fe03a7cd7ddab9-MIA
x-amz-id-2
wVIO1wrs31x1jKRIz3dKPn3IKJaxmFZdB4TaOgRyJwNYeBol3+8I/Y1HD2dEOHBU8sCH74De62g=
expires
Sat, 06 Apr 2024 02:30:43 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		92 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80e66296a0e785e3cc19809ed93b74703d7e768c03d2eada3badca52dd27ef64
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
71ZWQM5RFX2YGD6Y
age
6
x-amz-server-side-encryption
AES256
x-amz-id-2
EC1U/ir6MM+Pieju9KRKXP2l4aYZVjyPF/rhfPopAz4C0nfmp4L5fbjGKeut6RgaNFkrm58d4Ygk+JHIOY5CJw==
last-modified
Wed, 20 Mar 2024 11:38:58 GMT
server
cloudflare
etag
W/"f162f0b97c89da6502a32c3c1206d74e"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
86fe03a7cf4125b8-MIA
expires
Sat, 06 Apr 2024 02:30:43 GMT
icon
onesignal.com/api/v1/apps/bd69a517-9eeb-402d-ad10-9ed664b9ebd7/ 		278 B
807 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/bd69a517-9eeb-402d-ad10-9ed664b9ebd7/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7a674df31c1c2c7f3310ceed8e8e2243e22cf1a38c6ddedbd8d045891fdcccf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
00567f35-5397-4a93-a8bd-5b86e3d6c394
x-runtime
0.012848
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"c7a674df31c1c2c7f3310ceed8e8e224"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
86fe03a7ab6e7425-MIA
access-control-allow-headers
SDK-Version
e.js
live.demand.supply/e/ 		0
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=getthemfree.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=Z2V0dGhlbWZyZWUuY29tLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.30.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HRWM8KC4B7J77MEH1A4GHZ4J
date
Sat, 06 Apr 2024 01:30:43 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
705376
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
cache-status
"Netlify Edge"; fwd=stale
etag
"fbee6989874cef86694d7a2d31af072a-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
86fe03a78f2a4954-MIA
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 15 Mar 2024 05:36:12 GMT
content-encoding
gzip
age
1886072
x-guploader-uploadid
ABPtcPoeZX5IgSpuomAIkNvpOSBM4x7PbaQmaGSFJeSXk0VG0ew7Q1adSNrMjFVUwc3NFWdf2OY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 15 Mar 2025 05:36:12 GMT
ob.js
cdn-ima.33across.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
595b6576e594c3553ce7a36527799e7e613828aa6b3e178831b087a8e6980412

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Mar 2024 17:01:57 GMT
server
cloudflare
age
89642
etag
W/"65fb1685-3e0d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
86fe03a7cd3a7487-MIA
expires
Tue, 09 Apr 2024 01:30:43 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
2ac6aef1d4396fbf199ae8dc0a823013452ca6573bd210a77bbab1ac10f93fb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 19 Mar 2024 00:48:43 GMT
server
nginx
etag
W/"65f8e0eb-a5db"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 07 Apr 2024 01:30:44 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 -, , ASN (),
Reverse DNS
Software
Google Frontend /
Resource Hash
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:45 GMT
via
1.1 google, 1.1 google
last-modified
Mon, 05 Feb 2024 22:07:56 GMT
server
Google Frontend
etag
cd19e0900da0cdbc6697310fd9330fb6
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
e680337130b2d7391a2d05e602815744
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1195
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-126.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6cd320c5ba515fef3997afe473332231160a2cb715f1a99679a7cefa1cf0be0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:08:17 GMT
content-encoding
gzip
via
1.1 726979f71f252186e97d38202269f636.cloudfront.net (CloudFront)
last-modified
Wed, 14 Feb 2024 17:39:57 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P2
age
30148
etag
W/"21f8671135afbd2e874c42d3dc478afa"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
1svS7hP7YcWuE66xfe6yLeqvGDHjrVWwBnt9M3TJkA8fOxhEOCzd_g==
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
668 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2042256077585477&correlator=2676450340589708&eid=44809527%2C95327886%2C44780989&output=ldjh&gdfp_req=1&vrg=202404020101&ptt=17&impl=fif&iu_parts=44890869%3A21687656306%2Cca-pub-3831894559014614-tag%2Ce90a39f5-1a25-4050-8ba9-f229e83bd149&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=6&sfv=1-0-40&ists=1&fas=8&fsapi=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1712367043778&lmt=1712367043&adxs=-9&adys=-9&biw=1600&bih=1113&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&url=https%3A%2F%2Fgetthemfree.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=282563199.1712367044&ga_sid=1712367044&ga_hid=1982678726&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYv4meiOsxSABSAghkEhsKDDMzYWNyb3NzLmNvbRi_iZ6I6zFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yv4meiOsxSABSAghkEhQKBW9wZW54GL-JnojrMUgAUgIIZBIXCghydGJob3VzZRi_iZ6I6zFIAFICCGQ.&dlt=1712367042926&idt=812&prev_scp=ti%3Db5ed889a-92dc-4713-ac3b-8c777f1c5535%26interstitials-bid%3D23%26bid-p%3Dgoogle%26bsc%3D92&cust_params=amznbid%3D0%26amznp%3D0&adks=3350652972&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
fd435b2174c2323147a144baab9fd98aaf684cf40bc248eee03a636425fabe42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
637
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://getthemfree.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
af98924eabbe11dfd04de132ef8e86cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2066 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://af98924eabbe11dfd04de132ef8e86cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getthemfree.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Apr 2024 01:30:44 GMT
expires
Sun, 06 Apr 2025 01:30:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
a0e06102ffd9d34b251fbf44f82f72025838a6e9220a5e78e473fb8162822bce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 18:26:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
25450
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15200
x-xss-protection
0
server
cafe
etag
17623702037466101204
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 05 Apr 2025 18:26:33 GMT
collect
www.google-analytics.com/j/ 		1 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1982678726&t=pageview&_s=1&dl=https%3A%2F%2Fgetthemfree.com%2F&ul=en-us&de=UTF-8&dt=Get%20Stuff%20For%20Free%20Online%20-%20Get%20Them%20Free&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YADAAUABAAAAACAAI~&jid=1471980327&gjid=1227699029&cid=282563199.1712367044&tid=UA-109750086-4&_gid=1058580189.1712367044&_r=1&gtm=457e4430za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=914018362
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 01:30:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://getthemfree.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 316F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457878580494322&output=html&adk=1812271804&adf=3025194257&lmt=1712367043&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgetthemfree.com%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&dt=1712367043490&bpp=3&bdt=564&idt=332&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=123696961357&frm=20&pv=2&ga_vid=282563199.1712367044&ga_sid=1712367044&ga_hid=1982678726&ga_fc=1&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081577%2C31082546%2C44795921%2C95329439%2C95329462%2C95329571%2C31081481%2C95321866&oid=2&pvsid=2042256077585477&tmod=1635368768&uas=0&nvt=1&fsapi=1&fc=1920&brdim=350%2C350%2C350%2C350%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=352
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getthemfree.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
1262
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Apr 2024 01:30:44 GMT
expires
Sat, 06 Apr 2024 01:30:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=preloader-plus&ign=false&pw=1600&ph=1113&x=0&y=973.8
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 01:30:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=prog-bar-wrapper&ign=false&pw=1600&ph=1113&x=0&y=0
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 01:30:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E52A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457878580494322&output=html&h=280&slotname=6569822962&adk=703261541&adf=3572771682&pi=t.ma~as.6569822962&w=764&fwrn=4&fwrnh=100&lmt=1712367043&rafmt=1&format=764x280&url=https%3A%2F%2Fgetthemfree.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&dt=1712367043493&bpp=2&bdt=567&idt=363&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=123696961357&frm=20&pv=1&ga_vid=282563199.1712367044&ga_sid=1712367044&ga_hid=1982678726&ga_fc=1&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=418&ady=282&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081577%2C31082546%2C44795921%2C95329439%2C95329462%2C95329571%2C31081481%2C95321866&oid=2&pvsid=2042256077585477&tmod=1635368768&uas=0&nvt=1&fc=1920&brdim=350%2C350%2C350%2C350%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=369
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getthemfree.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
39331
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Apr 2024 01:30:44 GMT
expires
Sat, 06 Apr 2024 01:30:44 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 956B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457878580494322&output=html&h=280&slotname=9153246427&adk=3543362286&adf=47391912&pi=t.ma~as.9153246427&w=764&fwrn=4&fwrnh=100&lmt=1712367043&rafmt=1&format=764x280&url=https%3A%2F%2Fgetthemfree.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&dt=1712367043495&bpp=1&bdt=569&idt=385&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C764x280&nras=1&correlator=123696961357&frm=20&pv=1&ga_vid=282563199.1712367044&ga_sid=1712367044&ga_hid=1982678726&ga_fc=1&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=418&ady=1324&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081577%2C31082546%2C44795921%2C95329439%2C95329462%2C95329571%2C31081481%2C95321866&oid=2&pvsid=2042256077585477&tmod=1635368768&uas=0&nvt=1&fc=1920&brdim=350%2C350%2C350%2C350%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=390
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getthemfree.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42149
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Apr 2024 01:30:44 GMT
expires
Sat, 06 Apr 2024 01:30:44 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 985D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457878580494322&output=html&h=280&slotname=9153246427&adk=1226393271&adf=3514278603&pi=t.ma~as.9153246427&w=764&fwrn=4&fwrnh=100&lmt=1712367043&rafmt=1&format=764x280&url=https%3A%2F%2Fgetthemfree.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&dt=1712367043496&bpp=1&bdt=570&idt=401&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C764x280%2C764x280&nras=1&correlator=123696961357&frm=20&pv=1&ga_vid=282563199.1712367044&ga_sid=1712367044&ga_hid=1982678726&ga_fc=1&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=418&ady=2356&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081577%2C31082546%2C44795921%2C95329439%2C95329462%2C95329571%2C31081481%2C95321866&oid=2&pvsid=2042256077585477&tmod=1635368768&uas=0&nvt=1&fc=1920&brdim=350%2C350%2C350%2C350%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=405
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getthemfree.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Apr 2024 01:30:44 GMT
expires
Sat, 06 Apr 2024 01:30:44 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=001Pg000002x0XYIAY&src=aps&ver=1.9.0
  • https://lexicon.33across.com/v1/envelope?pid=001Pg000002x0XYIAY&src=aps&ver=1.9.0&b=1&g=U%2FSsoVzpsGMQP%2BKcGQ8U12rgemtNt6dksDEFBLl8ypU%3D
42 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=001Pg000002x0XYIAY&src=aps&ver=1.9.0&b=1&g=U%2FSsoVzpsGMQP%2BKcGQ8U12rgemtNt6dksDEFBLl8ypU%3D
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getthemfree.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://getthemfree.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 06 Apr 2024 01:30:43 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://getthemfree.com
location
https://lexicon.33across.com/v1/envelope?pid=001Pg000002x0XYIAY&src=aps&ver=1.9.0&b=1&g=U%2FSsoVzpsGMQP%2BKcGQ8U12rgemtNt6dksDEFBLl8ypU%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
hadron.json
id.hadron.ad.gt/v1/ 		100 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=575&sync=0&domain=getthemfree.com&url=https://getthemfree.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgetthemfree.com%2F&ref=&_it=amazon&partner_id=575
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dbb6ceb938165ad38e226f4a0a50d0b2bc2a59f95c64caffe92a083bb7101d4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
86fe03ab0c4274b8-MIA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=575&sync=0&domain=getthemfree.com&url=https://getthemfree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://getthemfree.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
86fe03aa8b5e74b8-MIA
content-length
0
content-type
application/json
date
Sat, 06 Apr 2024 01:30:44 GMT
debug
OPTIONS block
expires
Sun, 06 Apr 2025 01:30:44 GMT
server
cloudflare
ads
googleads.g.doubleclick.net/pagead/ Frame 290D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457878580494322&output=html&h=280&slotname=9153246427&adk=2392330190&adf=3749224529&pi=t.ma~as.9153246427&w=764&fwrn=4&fwrnh=100&lmt=1712367043&rafmt=1&format=764x280&url=https%3A%2F%2Fgetthemfree.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&dt=1712367043497&bpp=1&bdt=571&idt=421&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C764x280%2C764x280%2C764x280&nras=1&correlator=123696961357&frm=20&pv=1&ga_vid=282563199.1712367044&ga_sid=1712367044&ga_hid=1982678726&ga_fc=1&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=418&ady=3388&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081577%2C31082546%2C44795921%2C95329439%2C95329462%2C95329571%2C31081481%2C95321866&oid=2&pvsid=2042256077585477&tmod=1635368768&uas=0&nvt=1&fc=1920&brdim=350%2C350%2C350%2C350%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=425
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getthemfree.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42089
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Apr 2024 01:30:44 GMT
expires
Sat, 06 Apr 2024 01:30:44 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=001Pg000002x0XYIAY&src=esp&ver=1.9.0
  • https://lexicon.33across.com/v1/envelope?pid=001Pg000002x0XYIAY&src=esp&ver=1.9.0&b=1&g=zCDgvHxBAKujmK1nSyFGQTaaax4IM5J2V7FdKMFbgYk%3D
42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=001Pg000002x0XYIAY&src=esp&ver=1.9.0&b=1&g=zCDgvHxBAKujmK1nSyFGQTaaax4IM5J2V7FdKMFbgYk%3D
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getthemfree.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://getthemfree.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 06 Apr 2024 01:30:44 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://getthemfree.com
location
https://lexicon.33across.com/v1/envelope?pid=001Pg000002x0XYIAY&src=esp&ver=1.9.0&b=1&g=zCDgvHxBAKujmK1nSyFGQTaaax4IM5J2V7FdKMFbgYk%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
e.js
live.demand.supply/e/ 		0
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=getthemfree.com_728x90_sticky_display_bottom_get_sticky_desktop_12-1-22&pdc=0.48292219638824463&e=tcp&dsReferer=Z2V0dGhlbWZyZWUuY29tLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.30.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HRWM8KC4B7J77MEH1A4GHZ4J
date
Sat, 06 Apr 2024 01:30:44 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
705377
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
cache-status
"Netlify Edge"; fwd=stale
etag
"fbee6989874cef86694d7a2d31af072a-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
86fe03aa1a464954-MIA
getthemfree.com_728x90_sticky_display_bottom_get_sticky_desktop_12-1-22
api.demand.supply/v17-24-0/a/ 		378 B
731 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v17-24-0/a/getthemfree.com_728x90_sticky_display_bottom_get_sticky_desktop_12-1-22?&dsReferer=Z2V0dGhlbWZyZWUuY29tLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.30.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.134.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39e050c4b7ea462b37b6f3ac2cab54e28a3d41f0bb5ca867d42eed13db896c69

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
5786
etag
W/"17a-OOhdbKTw468dSx2KRRvMmteqHrg"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
86fe03aa5d2f25a3-MIA
alt-svc
h3=":443"; ma=86400
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgetthemfree.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgetthemfree.com%2F&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fgetthemfree.com%2F&rid=esp&cc=1
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
58054b6418eea2eee57bdd56d2b904c6a29d099d4fc13ca21406bf35a8aab715

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getthemfree.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-o95LwyQXmzAfkmREOp3YZS5R6do"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://getthemfree.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sat, 06 Apr 2024 01:30:44 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://getthemfree.com
location
/esp?url=https%3A%2F%2Fgetthemfree.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
bid
aax.amazon-adsystem.com/e/dtb/ 		176 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgetthemfree.com%2F&pid=MzKngN0FwFgKb&cb=0&ws=1600x1113&v=24.305.1002&t=2000&slots=%5B%7B%22sd%22%3A%22getthemfree.com_728x90_sticky_display_bottom_get_sticky_desktop_12-1-22%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22Win32%22%2C%22version%22%3A%5B%2210%22%2C%220%22%2C%220%22%5D%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%5B%22123%22%2C%220%22%2C%226312%22%2C%22105%22%5D%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%5B%228%22%2C%220%22%2C%220%22%2C%220%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22123%22%2C%220%22%2C%226312%22%2C%22105%22%5D%7D%5D%7D%7D%7D&sm=a52dec9a-9bb7-43a6-a0fd-596f952c70ab&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.215.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-215-181.yul62.r.cloudfront.net
Software
Server /
Resource Hash
f55623b3cea4c97af0d0e39ddd297a2f4a90769153fa8ff592cbf2318ac80f73

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://getthemfree.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
176
x-amz-cf-id
FcXAAqfUSqYjUdzKUaMgpH5hq_RqTD1YS_bBVHp8CIswn0PhavV_Jw==
syncframe
gum.criteo.com/ Frame C0D9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=getthemfree.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://getthemfree.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 06 Apr 2024 01:30:43 GMT
server
Kestrel
server-processing-duration-in-ticks
516923
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
map
bcp.crwdcntrl.net/6/ 		154 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.198.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-198-116.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
0f1a83a67a5608a3e9f40bedb3cb8c22400fa7c951c6c9ed69558a0e34c724ee

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 01:30:44 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://getthemfree.com
cache-control
no-cache
x-server
10.40.54.203
access-control-allow-credentials
true
content-length
154
expires
0
e.js
live.demand.supply/e/ 		0
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=getthemfree.com_auto_interstitial_desktop&e=nai&dsReferer=Z2V0dGhlbWZyZWUuY29tLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.30.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HRWM8KC4B7J77MEH1A4GHZ4J
date
Sat, 06 Apr 2024 01:30:44 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
705377
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
cache-status
"Netlify Edge"; fwd=stale
etag
"fbee6989874cef86694d7a2d31af072a-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
86fe03ab4b964954-MIA
e.js
live.demand.supply/e/ 		0
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=getthemfree.com_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=Z2V0dGhlbWZyZWUuY29tLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.30.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HRWM8KC4B7J77MEH1A4GHZ4J
date
Sat, 06 Apr 2024 01:30:44 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
705377
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
cache-status
"Netlify Edge"; fwd=stale
etag
"fbee6989874cef86694d7a2d31af072a-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
86fe03ab4b9d4954-MIA
ads
securepubads.g.doubleclick.net/gampad/ 		933 B
472 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2042256077585477&correlator=2928850731347203&eid=44809527%2C95327886%2C44780989&output=ldjh&gdfp_req=1&vrg=202404020101&ptt=17&impl=fif&iu_parts=44890869%3A21687656306%2Cca-pub-3831894559014614-tag%2Cf43314da-9035-4dea-9918-d647b422c50d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&sfv=1-0-40&ists=1&fas=8&fsapi=1&eri=1&sc=1&cookie=ID%3Da26cef00da2202be%3AT%3D1712367043%3ART%3D1712367043%3AS%3DALNI_MZldF_o87_fO4diu5oxaGRlHih6_Q&gpic=UID%3D00000dd911bead51%3AT%3D1712367043%3ART%3D1712367043%3AS%3DALNI_MZ6BQyeYkT9Kot3pOWKcuS2vXVCVA&abxe=1&dt=1712367044359&lmt=1712367044&adxs=-9&adys=-9&biw=1600&bih=1113&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&url=https%3A%2F%2Fgetthemfree.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=282563199.1712367044&ga_sid=1712367044&ga_hid=1982678726&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYv4meiOsxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjSjZ6I6zFIAFICCG8SHQoOZXNwLmNyaXRlby5jb20Yv4meiOsxSABSAghkEhQKBW9wZW54GL-JnojrMUgAUgIIZBIXCghydGJob3VzZRi_iZ6I6zFIAFICCGQ.&dlt=1712367042926&idt=812&prev_scp=ti%3Db5ed889a-92dc-4713-ac3b-8c777f1c5535%26interstitials-bid%3D10%26bid-p%3Dgoogle%26bsc%3D92&cust_params=amznbid%3D1%26amznp%3D1&adks=3356468593&frm=20&eo_id_str=ID%3De00f5e8bfd01bfe2%3AT%3D1712367043%3ART%3D1712367043%3AS%3DAA-AfjYflCpcJTD5txsj03ti1KZU
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
9dbb63d80117871fa00d9750af1b2c223b449f4c1525acb5040b932eb4241208
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
440
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://getthemfree.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
map
bcp.crwdcntrl.net/6/ 		154 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.198.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-198-116.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
4eec87ac4ec72c8dcc82ae2234e510c62466d85805f92fd7251a998c260a70e2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 01:30:44 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://getthemfree.com
cache-control
no-cache
x-server
10.40.59.125
access-control-allow-credentials
true
content-length
154
expires
0
575
a.ad.gt/api/v1/u/matches/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/575?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgetthemfree.com%2F&ref=&_it=amazon&partner_id=575
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22542da93948262e8f80f10cabdd6bbf80b4b341fddba371cbbf59368ccfb10a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 06 Apr 2024 01:23:54 GMT
server
cloudflare
age
215
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
86fe03ac19cb6dc8-MIA
pd
google-bidout-d.openx.net/w/1.0/ Frame DF0E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://getthemfree.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
452
content-type
text/html
date
Sat, 06 Apr 2024 01:30:44 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ca-pub-4457878580494322
fundingchoicesmessages.google.com/i/ 		180 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4457878580494322?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
043695f80dfeffcab7618fe294701f6c1d87209e21704efea9c9d622f8ba3acf
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-cwvqTlJL6hSwMIkR-wH_Og' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-cwvqTlJL6hSwMIkR-wH_Og' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otAnPTvPGsBEAvxcBw5fWgDm8CJXS1bmQCICzW3"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1113&eid=42532561&hl=en&pvc=2042256077585477
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 01:30:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
575
p.ad.gt/api/v1/p/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/575
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/575?_it=amazon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f252a047f9dfad47818bd0f2a42487e719c8de0e9c0d0bf6e29eb7e3d2835829

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 06 Apr 2024 01:28:37 GMT
server
cloudflare
age
28
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86fe03acef345c71-MIA
halo_match
ids.ad.gt/api/v1/ 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001712367045-DAC05IDJ-9FPM&halo_id=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
86fe03ace96eb3c2-MIA
content-length
43
content-type
image/gif
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001712367045-DAC05IDJ-9FPM&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001712367045-DAC05IDJ-9FPM%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001712367045-DAC05IDJ-9FPM&adnxs_id=6467454702009562819&gdpr=0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001712367045-DAC05IDJ-9FPM&adnxs_id=6467454702009562819&gdpr=0
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getthemfree.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
86fe03ae5c0fb3c2-MIA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 06 Apr 2024 01:30:44 GMT
an-x-request-uuid
b0150ab2-1ff6-4493-9cad-0173f9470115
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001712367045-DAC05IDJ-9FPM&adnxs_id=6467454702009562819&gdpr=0
x-proxy-origin
38.132.118.72; 38.132.118.72; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001712367045-DAC05IDJ-9FPM&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001712367045-DAC05IDJ-9FPM&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=eaaad294-9533-4309-bb27-817f6f3d1234&id=AU1D-0100-001712367045-DAC05IDJ-9FPM
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=eaaad294-9533-4309-bb27-817f6f3d1234&id=AU1D-0100-001712367045-DAC05IDJ-9FPM
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getthemfree.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
86fe03adcaeab3c2-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=eaaad294-9533-4309-bb27-817f6f3d1234&id=AU1D-0100-001712367045-DAC05IDJ-9FPM
date
Sat, 06 Apr 2024 01:30:44 GMT
server
Kestrel
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001712367045-DAC05IDJ-9FPM
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001712367045-DAC05IDJ-9FPM
  • https://ids.ad.gt/api/v1/pbm_match?pbm=761E79A2-5107-44BC-B0BE-DD796766C5F8&id=AU1D-0100-001712367045-DAC05IDJ-9FPM
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=761E79A2-5107-44BC-B0BE-DD796766C5F8&id=AU1D-0100-001712367045-DAC05IDJ-9FPM
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getthemfree.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
86fe03adcae6b3c2-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=761E79A2-5107-44BC-B0BE-DD796766C5F8&id=AU1D-0100-001712367045-DAC05IDJ-9FPM
date
Sat, 06 Apr 2024 01:30:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
token
token.rubiconproject.com/ 		0
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001712367045-DAC05IDJ-9FPM&gdpr=0
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
44e748b6247b033344ab4f6b8c0f8cbb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001712367045-DAC05IDJ-9FPM&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001712367045...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001712367045-DAC05IDJ-9FPM&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001712...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=1040fa65-5a2e-44cb-8ff8-eb56ec9e2e84%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=eaaad294-9533-4309-bb27-817f6f3d1234&ttd_puid=1040fa65-5a2e-44cb-8ff8-eb56ec9e2e84%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001712367045-DAC05IDJ-9FPM&tapad_id=1040fa65-5a2e-44cb-8ff8-eb56ec9e2e84
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001712367045-DAC05IDJ-9FPM&tapad_id=1040fa65-5a2e-44cb-8ff8-eb56ec9e2e84
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getthemfree.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
86fe03ae5c10b3c2-MIA
content-length
43
content-type
image/gif

Redirect headers

date
Sat, 06 Apr 2024 01:30:44 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001712367045-DAC05IDJ-9FPM&tapad_id=1040fa65-5a2e-44cb-8ff8-eb56ec9e2e84
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001712367045-DAC05IDJ-9FPM
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001712367045-DAC05IDJ-9FPM&google_gid=CAESEMePMk1i9mC5Alv3SmdebG0&google_cver=1&google_ula=450542624,0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001712367045-DAC05IDJ-9FPM&google_gid=CAESEMePMk1i9mC5Alv3SmdebG0&google_cver=1&google_ula=450542624,0
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getthemfree.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
86fe03ad7a4ab3c2-MIA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 06 Apr 2024 01:30:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001712367045-DAC05IDJ-9FPM&google_gid=CAESEMePMk1i9mC5Alv3SmdebG0&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001712367045-DAC05IDJ-9FPM
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcxMjM2NzA0NS1EQUMwNUlESi05RlBN
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcxMjM2NzA0NS1EQUMwNUlESi05RlBN
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getthemfree.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 01:30:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcxMjM2NzA0NS1EQUMwNUlESi05RlBN
date
Sat, 06 Apr 2024 01:30:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
86fe03acf980b3c2-MIA
content-type
text/html; charset=utf-8
amo_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001712367045-DAC05IDJ-9FPM
  • https://ids.ad.gt/api/v1/amo_match?turn_id=3063437934731683584&id=AU1D-0100-001712367045-DAC05IDJ-9FPM
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/amo_match?turn_id=3063437934731683584&id=AU1D-0100-001712367045-DAC05IDJ-9FPM
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getthemfree.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
86fe03ae5c13b3c2-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/amo_match?turn_id=3063437934731683584&id=AU1D-0100-001712367045-DAC05IDJ-9FPM
pragma
no-cache
date
Sat, 06 Apr 2024 01:30:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
adb_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001712367045-DAC05IDJ-9FPM&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001712367045-DAC05I...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001712367045-DAC05IDJ-9FPM&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-01...
  • https://ids.ad.gt/api/v1/adb_match?adb=09726853124841323783055383026355538446&id=AU1D-0100-001712367045-DAC05IDJ-9FPM
43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/adb_match?adb=09726853124841323783055383026355538446&id=AU1D-0100-001712367045-DAC05IDJ-9FPM
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getthemfree.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 01:30:45 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
86fe03af8dc0b3c2-MIA
content-length
43
content-type
image/gif

Redirect headers

dcs
dcs-prod-va6-2-v058-053f24b87.edge-va6.demdex.com 3 ms
pragma
no-cache
date
Sat, 06 Apr 2024 01:30:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
Nr/eI30qQtI=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://ids.ad.gt/api/v1/adb_match?adb=09726853124841323783055383026355538446&id=AU1D-0100-001712367045-DAC05IDJ-9FPM
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
0
sync.1rx.io/usersync/audigent/ 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001712367045-DAC05IDJ-9FPM%26unruly_id%3D%5BRX_UUID%5D
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 01:30:46 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
iu3
s.amazon-adsystem.com/ Frame AEB8
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-adMediaV1_n-simpli.fi_rbd_n-baidu_n-Beeswax_cnv_sovrn_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-adMediaV1_n-simpli.fi_rbd_n-baidu_n-Beeswax_cnv_sovrn_n-Outbrain&dcc=t
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-adMediaV1_n-simpli.fi_rbd_n-baidu_n-Beeswax_cnv_sovrn_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://getthemfree.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
346
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 06 Apr 2024 01:30:44 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
8R7NCZXHYNWMSV7058B8

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 06 Apr 2024 01:30:44 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-adMediaV1_n-simpli.fi_rbd_n-baidu_n-Beeswax_cnv_sovrn_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
BH58CGTMNCXCGZKMZYRK
EVpFXUU8TSSaF5rKrl4H_cropped-cropped-1%201.png
img.onesignal.com/permanent/b92eb784-0bd4-49d9-8b15-18e8deae2e88/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/b92eb784-0bd4-49d9-8b15-18e8deae2e88/EVpFXUU8TSSaF5rKrl4H_cropped-cropped-1%201.png
Requested by
Host: getthemfree.com
URL: https://getthemfree.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d3fb964b8ce3d568784ea5165f3821e84242b33cdf03305f5ab9dde70cf61ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Sat, 06 Apr 2024 01:30:44 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
REVALIDATED
cf-polished
origSize=30355, status=vary_header_present
x-guploader-uploadid
ABPtcPrR6vt6wF0oFp0yZ-uVgu7TDrW9pYFl6WUA51Erg0fyPFDTZyJRC8I7lRn_cbZ0cmCdaTo
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
24372
pragma
no-cache
cf-bgj
imgq:85,h2pri
last-modified
Mon, 10 Apr 2023 22:27:20 GMT
server
cloudflare
etag
"-CLj/y4auoP4CEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1681165640728504
content-type
image/png
x-goog-hash
crc32c=BnLVLg==, md5=kM4JQ9fBBq1HDrk0c2GYHw==
cache-control
public, max-age=2678400
x-goog-stored-content-length
30355
accept-ranges
bytes
cf-ray
86fe03ad4c50748b-MIA
expires
Tue, 07 May 2024 01:30:44 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f100.1e100.net
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 00:38:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
3123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 06 Apr 2024 01:38:41 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f100.1e100.net
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 00:38:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
3123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 06 Apr 2024 01:38:41 GMT
js
www.googletagmanager.com/gtag/ 		238 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/575
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
6198a468dc557e5119cf65cd1e0135fe44c3b815ac6f05dbadbe0bc9a3aae157
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86578
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Apr 2024 01:30:44 GMT
collect
a.ad.gt/api/v1/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/575
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://getthemfree.com
date
Sat, 06 Apr 2024 01:30:44 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
86fe03adaefc21d9-MIA
vary
Origin
getpixels
pixels.ad.gt/api/v1/ 		0
88 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=f7b95b0c694085b0d152470e14dcafaa&url=https%3A%2F%2Fgetthemfree.com%2F&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/575
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
86fe03ae5b7ca53f-MIA
AGSKWxV4VE999HeTEBChHlbUtWUTppZDJLnfRBS-bjyY0SM1SIwtq328eh3J0-MKKa5zZX0QdEqA80Zsx0mmncVem52shygrYQP-vnZTbBpE7kmYOz5NAPs5bVaFg3-gWM0Qc75gc-shoQ==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV4VE999HeTEBChHlbUtWUTppZDJLnfRBS-bjyY0SM1SIwtq328eh3J0-MKKa5zZX0QdEqA80Zsx0mmncVem52shygrYQP-vnZTbBpE7kmYOz5NAPs5bVaFg3-gWM0Qc75gc-shoQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyMzY3MDQ0LDgzNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9nZXR0aGVtZnJlZS5jb20vIixudWxsLFtbOCwic0didTlBR1NnWWciXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sGbu9AGSgYg.es5.O/am=wA/d=1/rs=AJlcJMz_w28gmMhOLqu37j7B7vieKY5s0w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c1a6e5fda58b66eb968470d311e14b89bbcdacff622c985c490796aea0e1f834
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iIJvMn3sK4RAxINVg9f-uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-iIJvMn3sK4RAxINVg9f-uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtHikmLw1pBiUAzbyXTi1m2mC0B83ukO03UgrmV4xtQKxAYaz5ksgPjdl5dMHF9fMkkAsRoQ862bzqoCxJrrp7MGAnHM8-msKUDslD6DNQCIfepnsEYBcevNc6yTgfjkgvOsF4E46d951gIgFuLhOHL60AY2gRurPi5jBgCoBDxk"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		56 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2042256077585477&correlator=496550980549208&eid=44809527%2C95327886%2C44780989&output=ldjh&gdfp_req=1&vrg=202404020101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=44890869%3A21687656306%2Cca-pub-3831894559014614-tag%2Ccabcae0f-c39a-4a7b-9f31-2444f6453dc4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=9&sfv=1-0-40&fas=1&eri=1&sc=1&cookie=ID%3Da26cef00da2202be%3AT%3D1712367043%3ART%3D1712367043%3AS%3DALNI_MZldF_o87_fO4diu5oxaGRlHih6_Q&gpic=UID%3D00000dd911bead51%3AT%3D1712367043%3ART%3D1712367043%3AS%3DALNI_MZ6BQyeYkT9Kot3pOWKcuS2vXVCVA&abxe=1&dt=1712367044841&lmt=1712367044&adxs=-9&adys=-9&biw=1600&bih=1113&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&url=https%3A%2F%2Fgetthemfree.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=282563199.1712367044&ga_sid=1712367044&ga_hid=1982678726&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRjSjZ6I6zFIAFICCG8SGgoNY3J3ZGNudHJsLm5ldBIAGKKPnojrMUgAEh0KDmVzcC5jcml0ZW8uY29tGL-JnojrMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2ljak0zY0U5VE1sUlRNSGwzTTJNemIxWnhhbGxMVVQwOUluMD0YwY6eiOsxSAASFwoIcnRiaG91c2UYv4meiOsxSABSAghk&dlt=1712367042926&idt=812&prev_scp=ti%3Db5ed889a-92dc-4713-ac3b-8c777f1c5535%26chrand%3Dy%26pof%3D0%26pdc%3D0.4829%26interstitials-bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D92&adks=2197342843&frm=20&eo_id_str=ID%3De00f5e8bfd01bfe2%3AT%3D1712367043%3ART%3D1712367043%3AS%3DAA-AfjYflCpcJTD5txsj03ti1KZU
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
a54feec32cf37e1aaa1e81139f47487f3ce884ff2188329da9d78dc35a204ec3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:45 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19636
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://getthemfree.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=getthemfree.com_auto_interstitial_desktop&e=nai&dsReferer=Z2V0dGhlbWZyZWUuY29tLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.30.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HRWM8KC4B7J77MEH1A4GHZ4J
date
Sat, 06 Apr 2024 01:30:44 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
705377
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
cache-status
"Netlify Edge"; fwd=stale
etag
"fbee6989874cef86694d7a2d31af072a-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
86fe03ae8f974954-MIA
e.js
live.demand.supply/e/ 		0
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=getthemfree.com_auto_interstitial_desktop&sn=3&ific=false&e=iar2&dsReferer=Z2V0dGhlbWZyZWUuY29tLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.30.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HRWM8KC4B7J77MEH1A4GHZ4J
date
Sat, 06 Apr 2024 01:30:45 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
705378
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
cache-status
"Netlify Edge"; fwd=stale
etag
"fbee6989874cef86694d7a2d31af072a-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
86fe03ae8f9f4954-MIA
ads
securepubads.g.doubleclick.net/gampad/ 		185 KB
52 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2042256077585477&correlator=2199336677448650&eid=44809527%2C95327886%2C44780989&output=ldjh&gdfp_req=1&vrg=202404020101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=44890869%3A21687656306%2Cca-pub-3831894559014614-tag%2C518dc1f0-8d94-4ee5-bb04-435931b345a2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=10&sfv=1-0-40&ists=1&fas=8&fsapi=1&eri=1&sc=1&cookie=ID%3Da26cef00da2202be%3AT%3D1712367043%3ART%3D1712367043%3AS%3DALNI_MZldF_o87_fO4diu5oxaGRlHih6_Q&gpic=UID%3D00000dd911bead51%3AT%3D1712367043%3ART%3D1712367043%3AS%3DALNI_MZ6BQyeYkT9Kot3pOWKcuS2vXVCVA&abxe=1&dt=1712367044877&lmt=1712367044&adxs=-9&adys=-9&biw=1600&bih=1113&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&url=https%3A%2F%2Fgetthemfree.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=282563199.1712367044&ga_sid=1712367044&ga_hid=1982678726&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRjSjZ6I6zFIAFICCG8SGgoNY3J3ZGNudHJsLm5ldBIAGKKPnojrMUgAEh0KDmVzcC5jcml0ZW8uY29tGL-JnojrMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2ljak0zY0U5VE1sUlRNSGwzTTJNemIxWnhhbGxMVVQwOUluMD0YwY6eiOsxSAASFwoIcnRiaG91c2UYv4meiOsxSABSAghk&dlt=1712367042926&idt=812&prev_scp=ti%3Db5ed889a-92dc-4713-ac3b-8c777f1c5535%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D92&adks=3913562656&frm=20&eo_id_str=ID%3De00f5e8bfd01bfe2%3AT%3D1712367043%3ART%3D1712367043%3AS%3DAA-AfjYflCpcJTD5txsj03ti1KZU
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
01e8ad78b60e06c7162adc28083b1d7dcced588001e9870155503f262e55387e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:45 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53195
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://getthemfree.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e9d4e4eff46320270755a91dbe4d1e822ce9a4c5e990e0f0a5038b3b6c4b8ea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://getthemfree.com
date
Sat, 06 Apr 2024 01:30:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
container.html
af98924eabbe11dfd04de132ef8e86cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AA43 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://af98924eabbe11dfd04de132ef8e86cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getthemfree.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Apr 2024 01:30:45 GMT
expires
Sun, 06 Apr 2025 01:30:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.2&b=3&r=getthemfree.com_auto_interstitial_desktop&sy=f1e98736-de9a-41e0-8bd3-caa100b0dc31&ts=92&cd=2&pud=313&pus=c&pue=1615&pid=234&pis=c&pie=1848&ppd=438&pps=a&ppe=2052&pcl=1712&ttc=2055&tti=3794&ttif=0&lca=2052&lcak=ppe&lct=2052&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=getthemfree.com&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=unset&e=lm&dsReferer=Z2V0dGhlbWZyZWUuY29tLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.30.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HRWM8KC4B7J77MEH1A4GHZ4J
date
Sat, 06 Apr 2024 01:30:45 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
705378
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
cache-status
"Netlify Edge"; fwd=stale
etag
"fbee6989874cef86694d7a2d31af072a-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
86fe03b1fb034954-MIA
container.html
af98924eabbe11dfd04de132ef8e86cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 668A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://af98924eabbe11dfd04de132ef8e86cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getthemfree.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Apr 2024 01:30:45 GMT
expires
Sun, 06 Apr 2025 01:30:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sda.css
live.demand.supply/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/css/sda.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
649af545f5efd2a265363ceeb7fdf9dc6dc8c85dfba4d7d3a538930c3d181b39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HRW74RH3VG6G854KNSSQY470
date
Sat, 06 Apr 2024 01:30:45 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
1587208
cache-status
"Netlify Edge"; fwd=miss
etag
W/"033ba994148e3694747e352e8919f29e-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
86fe03b26d53a4e6-MIA
alt-svc
h3=":443"; ma=86400
/
fundingchoicesmessages.google.com/f/AGSKWxUhDYOJzQvY6r9FkeMJ36qK4F4Srr-FgYCsqX_-iCVHYuHlF-CKVfRN5TCY9HRaIW4lL4hXzne8YvfrlCcmpDosRYLZNncuUppdghvks29NEE8PxIAYa7k5Y76V_YU8x_Ja4yVI4WU18qHi0e5X2p-CW3xUE... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUhDYOJzQvY6r9FkeMJ36qK4F4Srr-FgYCsqX_-iCVHYuHlF-CKVfRN5TCY9HRaIW4lL4hXzne8YvfrlCcmpDosRYLZNncuUppdghvks29NEE8PxIAYa7k5Y76V_YU8x_Ja4yVI4WU18qHi0e5X2p-CW3xUEN23Tazo8ykkuLYy8CiuC4i40lVwTOGt/_.za/ads./clickboothad.=GetSponsorAds&_ads.html-ad/dist/
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sGbu9AGSgYg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwA5cs1QTtFRmG_GKR0UrFZHYFwzw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.113 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
cab2395492e689393f4384aa6c526264253d1872ca05d1ce9a2e743c661d0bc0
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-UvfskCXBEr74Sp4cUXc7Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-UvfskCXBEr74Sp4cUXc7Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otAnPTvPGsBEAvxcBw9fWgDm0DDpAXTmQCM0jVU"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		61 B
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sGbu9AGSgYg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwA5cs1QTtFRmG_GKR0UrFZHYFwzw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:28:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51
x-xss-protection
0
server
cafe
etag
16023549773543154165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 02:28:23 GMT
AGSKWxUOVFBWTkNbbwJKsRLJY9nRZ_l49Z5-EO0shSwrEtqsX8k_PATYzp1Z9TSDwYSINObG5d6-CwPMuPEeW02boZqfOUxfepaF9Nv_JhFHVS7sMR3EuTZJrzFpY__ULznvI-03mXd2Qg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUOVFBWTkNbbwJKsRLJY9nRZ_l49Z5-EO0shSwrEtqsX8k_PATYzp1Z9TSDwYSINObG5d6-CwPMuPEeW02boZqfOUxfepaF9Nv_JhFHVS7sMR3EuTZJrzFpY__ULznvI-03mXd2Qg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sGbu9AGSgYg.es5.O/am=wA/d=1/rs=AJlcJMz_w28gmMhOLqu37j7B7vieKY5s0w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.113 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Hqqnv8gzEHN1ev4pIQ6GwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Apr 2024 01:30:45 GMT
content-security-policy
script-src 'report-sample' 'nonce-Hqqnv8gzEHN1ev4pIQ6GwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0pBiqGV4xtQKxE7pM1hDgFiIh-Po6UMb2AROfJ92hAkAyFcMvg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://getthemfree.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
v3
id5-sync.com/gm/ 		0
0
AGSKWxUOVFBWTkNbbwJKsRLJY9nRZ_l49Z5-EO0shSwrEtqsX8k_PATYzp1Z9TSDwYSINObG5d6-CwPMuPEeW02boZqfOUxfepaF9Nv_JhFHVS7sMR3EuTZJrzFpY__ULznvI-03mXd2Qg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUOVFBWTkNbbwJKsRLJY9nRZ_l49Z5-EO0shSwrEtqsX8k_PATYzp1Z9TSDwYSINObG5d6-CwPMuPEeW02boZqfOUxfepaF9Nv_JhFHVS7sMR3EuTZJrzFpY__ULznvI-03mXd2Qg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sGbu9AGSgYg.es5.O/am=wA/d=1/rs=AJlcJMz_w28gmMhOLqu37j7B7vieKY5s0w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.113 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TCEtgoxUAwwzK7cFfOA2Ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Apr 2024 01:30:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TCEtgoxUAwwzK7cFfOA2Ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0ZBiqGV4xtQKxE7pM1hDgFiIh-Po6UMb2AQu_Fp0hAkAygMM3w"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://getthemfree.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUOVFBWTkNbbwJKsRLJY9nRZ_l49Z5-EO0shSwrEtqsX8k_PATYzp1Z9TSDwYSINObG5d6-CwPMuPEeW02boZqfOUxfepaF9Nv_JhFHVS7sMR3EuTZJrzFpY__ULznvI-03mXd2Qg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUOVFBWTkNbbwJKsRLJY9nRZ_l49Z5-EO0shSwrEtqsX8k_PATYzp1Z9TSDwYSINObG5d6-CwPMuPEeW02boZqfOUxfepaF9Nv_JhFHVS7sMR3EuTZJrzFpY__ULznvI-03mXd2Qg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sGbu9AGSgYg.es5.O/am=wA/d=1/rs=AJlcJMz_w28gmMhOLqu37j7B7vieKY5s0w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.113 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7cjP2nxPXUZ0IrEYsAOmUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Apr 2024 01:30:45 GMT
content-security-policy
script-src 'report-sample' 'nonce-7cjP2nxPXUZ0IrEYsAOmUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmLw1JBiWMy_i6mW4RlTKxA7pc9gDQFiIR6Oo6cPbWATWHCm9wgTAPtlDds"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://getthemfree.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUOVFBWTkNbbwJKsRLJY9nRZ_l49Z5-EO0shSwrEtqsX8k_PATYzp1Z9TSDwYSINObG5d6-CwPMuPEeW02boZqfOUxfepaF9Nv_JhFHVS7sMR3EuTZJrzFpY__ULznvI-03mXd2Qg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUOVFBWTkNbbwJKsRLJY9nRZ_l49Z5-EO0shSwrEtqsX8k_PATYzp1Z9TSDwYSINObG5d6-CwPMuPEeW02boZqfOUxfepaF9Nv_JhFHVS7sMR3EuTZJrzFpY__ULznvI-03mXd2Qg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sGbu9AGSgYg.es5.O/am=wA/d=1/rs=AJlcJMz_w28gmMhOLqu37j7B7vieKY5s0w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.113 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bl8UQ23twWY4MG_BiPrSqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Apr 2024 01:30:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bl8UQ23twWY4MG_BiPrSqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BiqGV4xtQKxE7pM1hDgFiIh-Po6UMb2AQmdHUeYQIAxx4MGQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://getthemfree.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWdHohPFu9q4ZYCEZ3ShpfRwawS-M2bt3vsl6S-8VVbyJAeEG3MvFIc_6mv53HnbwceTZ197Mz9h2HzSgbMGiGH9oXlqTzgdHNeynV-fxxwkBMAMpOj6Uwvjrfkt77dIzbO7OVySA==
fundingchoicesmessages.google.com/f/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWdHohPFu9q4ZYCEZ3ShpfRwawS-M2bt3vsl6S-8VVbyJAeEG3MvFIc_6mv53HnbwceTZ197Mz9h2HzSgbMGiGH9oXlqTzgdHNeynV-fxxwkBMAMpOj6Uwvjrfkt77dIzbO7OVySA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyMzY3MDQ1LDYyODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZ2V0dGhlbWZyZWUuY29tLyIsbnVsbCxbWzgsInNHYnU5QUdTZ1lnIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sGbu9AGSgYg.es5.O/am=wA/d=1/rs=AJlcJMz_w28gmMhOLqu37j7B7vieKY5s0w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.113 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
05b2ad1b47c1135b48a487ae14860898293c6f902ea25aba18da196beebc0ce0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YBqkWZ_kpb6bTbK1T7n1DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:45 GMT
content-security-policy
script-src 'report-sample' 'nonce-YBqkWZ_kpb6bTbK1T7n1DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmLw0JBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaOry-ZJIBYDYj51k1nVQFizfXTWQOBOOb5dNYUIHZKn8EaAMQ-9TNYo4C49eY51slAfHLBedaLQJz07zxrARAL8XAcPX1oA5vAjLlvDjIBAAQBOvQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95abaca5a5f710cf478b0360960174ac2153a14f8e875794d2dda4df164263ae

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
AGSKWxUOVFBWTkNbbwJKsRLJY9nRZ_l49Z5-EO0shSwrEtqsX8k_PATYzp1Z9TSDwYSINObG5d6-CwPMuPEeW02boZqfOUxfepaF9Nv_JhFHVS7sMR3EuTZJrzFpY__ULznvI-03mXd2Qg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUOVFBWTkNbbwJKsRLJY9nRZ_l49Z5-EO0shSwrEtqsX8k_PATYzp1Z9TSDwYSINObG5d6-CwPMuPEeW02boZqfOUxfepaF9Nv_JhFHVS7sMR3EuTZJrzFpY__ULznvI-03mXd2Qg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sGbu9AGSgYg.es5.O/am=wA/d=1/rs=AJlcJMz_w28gmMhOLqu37j7B7vieKY5s0w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.113 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5_h1mJweOdq6QZbfTugM5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Apr 2024 01:30:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5_h1mJweOdq6QZbfTugM5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0JBiqGV4xtQKxE7pM1hDgFiIh-Po6UMb2ARe9LbNYwYAx6AMRQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://getthemfree.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUV6apUrffN3m7_uAQUXXXP0jW2zMPy-2IwrAxHOrxtUC3GcidW4OFEnWm-vV0yAU0evljXZ6E0tsQTEJTxmqrqf0YjxaebZxH5BCcxXhC-DEA2OZ63u60qAtLnQMOt07_HY2alsA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUV6apUrffN3m7_uAQUXXXP0jW2zMPy-2IwrAxHOrxtUC3GcidW4OFEnWm-vV0yAU0evljXZ6E0tsQTEJTxmqrqf0YjxaebZxH5BCcxXhC-DEA2OZ63u60qAtLnQMOt07_HY2alsA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyMzY3MDQ1LDc5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZ2V0dGhlbWZyZWUuY29tLyIsbnVsbCxbWzgsInNHYnU5QUdTZ1lnIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sGbu9AGSgYg.es5.O/am=wA/d=1/rs=AJlcJMz_w28gmMhOLqu37j7B7vieKY5s0w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.113 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
63f940cc29c9f4c4732e5ae63b3ef608a3096fb8e93aeac57cbf28a2c92467a9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_qt8MzzWBtyqc5W9Xbhxuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:45 GMT
content-security-policy
script-src 'report-sample' 'nonce-_qt8MzzWBtyqc5W9Xbhxuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmJw1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otAnPTvPGsBEAvxcBw9fWgDm8CJVztnMwMAijY2Bg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWejCwC82jLIwydxc_NjOqyPzIlbx-DidAlAlOkhWfyBmyh1Hl2L7ol4hJgpBpXX-1jqiflqdlzhHgYP4wY0FHpr-l8K8htyoGQYBpi1r9WewpAkkuQRz379yzBwadaElF-YqbGBg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWejCwC82jLIwydxc_NjOqyPzIlbx-DidAlAlOkhWfyBmyh1Hl2L7ol4hJgpBpXX-1jqiflqdlzhHgYP4wY0FHpr-l8K8htyoGQYBpi1r9WewpAkkuQRz379yzBwadaElF-YqbGBg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyMzY3MDQ1LDkxNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9nZXR0aGVtZnJlZS5jb20vIixudWxsLFtbOCwic0didTlBR1NnWWciXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sGbu9AGSgYg.es5.O/am=wA/d=1/rs=AJlcJMz_w28gmMhOLqu37j7B7vieKY5s0w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.113 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
e396897cca14063a3f4a473c19abca306a1eda652fbd6da5f7d37c4c81c41736
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yXhPuwNogXyW35xW-ZvQgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 01:30:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yXhPuwNogXyW35xW-ZvQgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmII1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otAnPTvPGsBEAvxcBw9fWgDm8CB59PPMAMAkZ42Gg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUXfRD5OI-yoFo_GdSRrJbULqmBcSqC5_mGC3hDNgHnqAI5HUMQfXs7S4dz29XmqQjOagAgUU4JAdDowhJWuTeLRX3XVVGWDWO7MrKQmDJOyrIkoE8Ks3XxXoQ4hgaKRLKB5NUQqA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUXfRD5OI-yoFo_GdSRrJbULqmBcSqC5_mGC3hDNgHnqAI5HUMQfXs7S4dz29XmqQjOagAgUU4JAdDowhJWuTeLRX3XVVGWDWO7MrKQmDJOyrIkoE8Ks3XxXoQ4hgaKRLKB5NUQqA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sGbu9AGSgYg.es5.O/am=wA/d=1/rs=AJlcJMz_w28gmMhOLqu37j7B7vieKY5s0w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.113 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rSfa9UENiZBm_6QqScjPeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Apr 2024 01:30:46 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rSfa9UENiZBm_6QqScjPeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1pBiqGV4xtQKxE7pM1hDgFiIm-PY6UMb2AQerJgiDQC7hgvj"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://getthemfree.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUOVFBWTkNbbwJKsRLJY9nRZ_l49Z5-EO0shSwrEtqsX8k_PATYzp1Z9TSDwYSINObG5d6-CwPMuPEeW02boZqfOUxfepaF9Nv_JhFHVS7sMR3EuTZJrzFpY__ULznvI-03mXd2Qg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUOVFBWTkNbbwJKsRLJY9nRZ_l49Z5-EO0shSwrEtqsX8k_PATYzp1Z9TSDwYSINObG5d6-CwPMuPEeW02boZqfOUxfepaF9Nv_JhFHVS7sMR3EuTZJrzFpY__ULznvI-03mXd2Qg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sGbu9AGSgYg.es5.O/am=wA/d=1/rs=AJlcJMz_w28gmMhOLqu37j7B7vieKY5s0w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.113 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-e_NaA5CquRmz7OcMqvQUGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://getthemfree.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Apr 2024 01:30:46 GMT
content-security-policy
script-src 'report-sample' 'nonce-e_NaA5CquRmz7OcMqvQUGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0JBiqGV4xtQKxE7pM1hDgFiIm-PY6UMb2AQazr-WBAC6xAv8"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://getthemfree.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
id5-sync.com
URL
https://id5-sync.com/gm/v3

Verdicts & Comments Add Verdict or Comment

349 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 undefined| $ function| jQuery object| preloader_plus function| documentInitOneSignal function| OneSignal object| adsbygoogle function| gtag object| dataLayer object| now number| theYear number| sc_project string| sc_security number| sc_invisible string| scJsHost string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns number| demandSupplyPDI number| demandSupplyDFSS number| demandSupplyCRR object| demandSupply object| googletag object| apstag function| _statcounter number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| Bh object| dspbjs object| demandSupplyFS object| _app object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaGlobal object| _aps boolean| apstagLOADED object| apscustom object| lotame_sync_16576 function| ha object| gaplugins object| gaData function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| _33AcrossIdMappingsProvider object| hadron boolean| __halo_loaded__ object| _33across object| __id5_finalization_registry object| ID5 object| regeneratorRuntime object| ox_esp object| PublisherCommonId object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_152 object| Criteo object| Criteo_identitytag_152 function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_t object| sync16576_ga object| sync16576_u object| sync16576_pa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_v function| sync16576_x function| sync16576_y function| sync16576_z function| sync16576_ha function| sync16576_ia function| sync16576_A function| sync16576_ja function| sync16576_B function| sync16576_C function| sync16576_w function| sync16576_D function| sync16576_ka function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_la function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_M function| sync16576_ma function| sync16576_na function| sync16576_oa function| sync16576_N function| sync16576_O function| sync16576_qa function| sync16576_P function| sync16576_ra function| sync16576_sa function| sync16576_ta function| sync16576_Q function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_xa function| sync16576_R function| sync16576_ya function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_za function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Da function| sync16576_Aa function| sync16576_1 function| sync16576_Ca function| sync16576_Ba function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Fa function| sync16576_Ga function| sync16576_Ia function| sync16576_Ea function| sync16576_7 function| sync16576_Ha function| sync16576_Ka function| sync16576_Ja function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_La function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_$ function| sync16576_Pa function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_t object| sync16589_ga object| sync16589_u object| sync16589_pa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_v function| sync16589_x function| sync16589_y function| sync16589_z function| sync16589_ha function| sync16589_ia function| sync16589_A function| sync16589_ja function| sync16589_B function| sync16589_C function| sync16589_w function| sync16589_D function| sync16589_ka function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_la function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_ma function| sync16589_na function| sync16589_oa function| sync16589_N function| sync16589_O function| sync16589_qa function| sync16589_P function| sync16589_ra function| sync16589_sa function| sync16589_ta function| sync16589_Q function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_xa function| sync16589_R function| sync16589_ya function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_za function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| au object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googTempStyleOverrideInfo object| googNavStack object| auvars function| docReady object| autag object| audDataLayer function| audGtag object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NDhkNTI2M2IxMjUzYmY5N2xvYWRlcl9qcw== string| NDhkNTI2M2IxMjUzYmY5N2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady

53 Cookies

Domain/Path Name / Value
.getthemfree.com/ Name: wschkid
Value: 441170aa56721044e9049a17a15bdc021d9655ff.1712453441.1
.demand.supply/ Name: __cf_bm
Value: QVPMfbyfJvs22B0axkCnaEeq9fh3leaTjh89isffX5I-1712367043-1.0.1.1-roGY74sifDp4Y.6f15o_PhO3gYaE_jcPfwVW7iCy2ZLqsWQI_FB7hgOunJJqo5LyPX7v7gPFBObKaLj9V0OoWw
.onesignal.com/ Name: __cf_bm
Value: 8Tw2UQNH.0SsvYVCrTsy3rDqkjZgBuiq9A9IfPkCp2A-1712367043-1.0.1.1-RnvOnrVuqldVJdUxGX95L3wCgEv80QzsC4V5I5V1ZeEHVjFDYv9BfbWX.VQmqSu3pudF2cY77wlgb47qTGRXAQ
.getthemfree.com/ Name: sc_is_visitor_unique
Value: rx11073881.1712367043.4AB6111D09234FC1CED98D035105D46F.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc11073881.1712367043.0
.statcounter.com/ Name: is_visitor_unique
Value: 1712367043149227250
.getthemfree.com/ Name: _ga
Value: GA1.2.282563199.1712367044
.getthemfree.com/ Name: _gid
Value: GA1.2.1058580189.1712367044
.getthemfree.com/ Name: _gat_gtag_UA_109750086_4
Value: 1
.33across.com/ Name: check
Value: true
.openx.net/ Name: i
Value: af7ee939-2d93-4b4c-b0dd-cde856a8d829|1712367044
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 61211c6c-3a6c-42b4-a8cc-de5a799fe3d7
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: c3706df20eeaebe3a95f242c3c5be74
.getthemfree.com/ Name: _cc_id
Value: c3706df20eeaebe3a95f242c3c5be74
.getthemfree.com/ Name: _au_1d
Value: AU1D-0100-001712367045-DAC05IDJ-9FPM
.getthemfree.com/ Name: panoramaId_expiry
Value: 1712453444507
.openx.net/ Name: pd
Value: v2|1712367044|vMgavPkWgy
.tapad.com/ Name: TapAd_TS
Value: 1712367044636
.tapad.com/ Name: TapAd_DID
Value: 1040fa65-5a2e-44cb-8ff8-eb56ec9e2e84
.pubmatic.com/ Name: KTPCACOOKIE
Value: true
.getthemfree.com/ Name: cto_bundle
Value: SEJ3L19iWGozYnhaVkVWS0xwcDdESEVhNVJuYXdoMVJ1aDB4RG5hZ3lLV3pMRG53Z2ROV2Q2SWJxTkpxRjdqT0laRUNDT28lMkYlMkJzJTJGWklBRHFOREpmdHJxbTV3T1BjU09pdlZhRGdZaW9MJTJCb2JFa0pGUWpmUWpheWtBNGxQTjRpTXFCdndpbCUyQm1UWERsbmJxTU5iWHBobSUyRnpwOUElM0QlM0Q
.yahoo.com/ Name: A3
Value: d=AQABBMSlEGYCEIx29gxyKQmcTCbGlyFXXn8FEgEBAQH3EWYaZgAAAAAA_eMAAA&S=AQAAAlPXI6Lj9MBlL603bZLHRJA
.adnxs.com/ Name: XANDR_PANID
Value: u3jxo79M-xp5ETuU4UmduNeHgZfo6oHK4ipjXHwq8iPgjfw2reXDaM-sSDuYg7bM6Er3YPk0sEF3D6bgtn8ra8aYlSkjNNSeJIY17YKxdGI.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 6467454702009562819
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 761E79A2-5107-44BC-B0BE-DD796766C5F8
.rubiconproject.com/ Name: khaos
Value: LUNF4JUK-1W-BT8T
.rubiconproject.com/ Name: audit
Value: 1|LkI5wEg5h+fDfS0B77SjKPOdXzftL3TGJNQk6t47XA6bz16xSA9sXflXifKVRunJXrQNqxmT5NbyUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcnYv0e5GmBiHGvbTLcU59jlsUGKtMlIUuHDtI8JxSLcfiYPDxny9O7hNPVHjylZIeXNAPlTu0R9RN
.adsrvr.org/ Name: TDID
Value: eb42d5e4-2180-4109-a1fc-5b2e81dffb24
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!2329
.turn.com/ Name: uid
Value: 3063437934731683584
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUnHQxMQ_AnP5UXuJlqeYb0vxqWoYVUXE-achHKZNox2SmAQYCy10eBQ-8F2aAE
.amazon-adsystem.com/ Name: ad-id
Value: A_T8jISRnkjRko7eTHcFVtk
.getthemfree.com/ Name: __gads
Value: ID=e5655131fbc1b1d9:T=1712367044:RT=1712367044:S=ALNI_MYqTFVpxksvq3WgD9Vf-iMi53jdLw
.getthemfree.com/ Name: __gpi
Value: UID=00000dd9111c5957:T=1712367044:RT=1712367044:S=ALNI_MYhg4_giUvPjCl-K7QMQNyurxqdnA
.getthemfree.com/ Name: __eoi
Value: ID=288470bf9fd2561f:T=1712367044:RT=1712367044:S=AA-AfjYQpjMRDsDCAdfdW8OAIbyz
.demdex.net/ Name: demdex
Value: 09726853124841323783055383026355538446
.dpm.demdex.net/ Name: dpm
Value: 09726853124841323783055383026355538446
.simpli.fi/ Name: suid
Value: B3071817ACD0489ABC0A9D5DD85ECD45
.doubleclick.net/ Name: DSID
Value: NO_DATA
.sharethrough.com/ Name: stx_user_id
Value: 8581b669-d69b-4883-aeb1-9901f4aa6510
.s3xified.com/ Name: admRtbUidCkey34334Ssp245
Value: 3ee3ceffccefc96897943b17d985f6ad
.mediago.io/ Name: __mguid_
Value: 6b362933dc2c8fc82x73qj00lunf4k5x
.zemanta.com/ Name: zuid
Value: 1S7aJ5PaEiQBwcpeMjN1
.bidr.io/ Name: bito
Value: AAC8AE7MIUwAAGJyvndUZg
.bidr.io/ Name: bitoIsSecure
Value: ok
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsI3pvk6ub46jwQBRgBIAEoAjILCIiS55f9-Oo8EAU4AVoMc2hhcmV0aHJvdWdoYAI.
.getthemfree.com/ Name: _ga_18RX439ERZ
Value: GS1.1.1712367043.1.0.1712367045.58.0.0
.dotomi.com/ Name: DotomiTest
Value: 2a018eabb50c116d
.technoratimedia.com/ Name: tads_ipv6
Value: 2001:550:1d05:1::8

266 Console Messages

Source Level URL
Text
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://p.ad.gt/api/v1/p/575
Message:
Unrecognized feature: 'attribution-reporting'.
deprecation warning URL: https://www.google-analytics.com/analytics.js(Line 82)
Message:
The keyword 'push-button' specified to an 'appearance' property is not standardized. It will be removed in the future.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://getthemfree.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax.amazon-adsystem.com
af98924eabbe11dfd04de132ef8e86cd.safeframe.googlesyndication.com
analytics.google.com
api.demand.supply
bcp.crwdcntrl.net
c.amazon-adsystem.com
c.statcounter.com
cdn-ima.33across.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.onesignal.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
d.turn.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
getthemfree.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
i.imgur.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
image2.pubmatic.com
img.onesignal.com
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
lexicon.33across.com
live.demand.supply
match.adsrvr.org
oa.openxcdn.net
oajs.openx.net
onesignal.com
p.ad.gt
pagead2.googlesyndication.com
pixel.tapad.com
pixels.ad.gt
s.amazon-adsystem.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.statcounter.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
tags.crwdcntrl.net
token.rubiconproject.com
www.google-analytics.com
www.googletagmanager.com
id5-sync.com
104.16.133.22
104.16.134.22
104.17.111.223
104.20.95.138
13.225.195.74
142.251.111.155
142.251.111.97
142.251.167.155
142.251.167.156
146.75.36.193
15.197.193.217
162.19.138.83
172.253.115.113
172.253.62.100
172.253.63.155
172.64.152.89
172.67.198.47
18.214.198.116
23.14.152.251
2606:4700:10::6816:3456
2606:4700:10::6816:35ad
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::71
2607:f8b0:4004:c06::84
2607:f8b0:4004:c06::8b
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c07::8a
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c19::61
2607:f8b0:4004:c19::9d
2620:100:a001::4
2620:100:a001::c
2620:112:f008:200::101
3.161.215.181
3.162.3.126
3.162.8.154
34.102.146.192
34.111.113.62
34.120.135.53
34.96.70.87
34.98.64.218
35.171.196.178
35.244.193.51
52.46.143.56
68.67.178.10
69.173.151.100
69.194.240.13
8.28.7.83
01e8ad78b60e06c7162adc28083b1d7dcced588001e9870155503f262e55387e
043695f80dfeffcab7618fe294701f6c1d87209e21704efea9c9d622f8ba3acf
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05b2ad1b47c1135b48a487ae14860898293c6f902ea25aba18da196beebc0ce0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08780e374b41f3c8d8bdffdc9f54643c85bfbfea42232d082a9d714ac6f614bd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
0eef34c4edfb01eeb5ddb3c6e4126066bfffbc17dbcd4a5d5c28987abbe1400e
0f1a83a67a5608a3e9f40bedb3cb8c22400fa7c951c6c9ed69558a0e34c724ee
163f56b3b6e604ea7f6aae49c6f6069fc9626233680d09d8a1034440d93d4ac4
22542da93948262e8f80f10cabdd6bbf80b4b341fddba371cbbf59368ccfb10a
23452e808e2b39a7c40341c31c2a707a3be2cfbe44800baa75f3dba415f12fcb
25cb3f54ef0953d30039c1189b90187639aa607db69acc4d247f77ac81191382
2ac6aef1d4396fbf199ae8dc0a823013452ca6573bd210a77bbab1ac10f93fb5
2ddd96839c08e8cbdd3b1f56569b6d4770021731534b98dd17dec8526bb0d151
2f2ef1a173106efc9f1e2048ee2a1f0ecac78e166a57e83128776f565312357e
3185566f6af213fbc25952c158e163b424487337504166d169d84e3e439584e1
35dbe43884ae9399e35f22ff0e1aa7ba4ae61266351b591bacaf8393be7f873f
39e050c4b7ea462b37b6f3ac2cab54e28a3d41f0bb5ca867d42eed13db896c69
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
47c1a4540623d2e00f1e4922f331b9aaf09b4da9b3a0ee3339a5793dd062fc0c
4eec87ac4ec72c8dcc82ae2234e510c62466d85805f92fd7251a998c260a70e2
514ae0bec3cdce13932a24325f6b140a60659443940bfdeee8329b5833dfeed0
52eeddca070a378eff31e61eed1f2f9c4068550af86bad3cfde565c07d933ea3
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b
58054b6418eea2eee57bdd56d2b904c6a29d099d4fc13ca21406bf35a8aab715
58274c5b2e55bb32d59bbd649ae6e3a4369e8e479b17a0b2c763abb09b8cb0fb
58e65983c7ef4426dc8e721f57d5655fb1d1c2813ab048899bfc65c2619174b2
595b6576e594c3553ce7a36527799e7e613828aa6b3e178831b087a8e6980412
5e9d4e4eff46320270755a91dbe4d1e822ce9a4c5e990e0f0a5038b3b6c4b8ea
6198a468dc557e5119cf65cd1e0135fe44c3b815ac6f05dbadbe0bc9a3aae157
62160f8005b05333e788cdc838dcddedf2039a7f8084ab5926d11651b4bcdd84
63f940cc29c9f4c4732e5ae63b3ef608a3096fb8e93aeac57cbf28a2c92467a9
649af545f5efd2a265363ceeb7fdf9dc6dc8c85dfba4d7d3a538930c3d181b39
68420f584eab089b657ad902b4749ab0a21a6731f50b636f48be68143dc09bd9
69e7e4728a3be58f64bae22c06c2d0daef329647c7c50cdce7fb5a49252cc7e1
6b0dab5300943d98f4f20de9d48a49e0186441f6fb8b5e95a9635a30c0b60e72
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ba4994619bacb4023ca637093fb78a7a5bf7c915443d5e358b1646a36ca5253
70cd8bae6ecc9925627d5ce7a3fbfdc4ac91e7a15918fdd359d71237d225e2b4
72e392b667e641122a7ee134d02b734093a8273640121ac968118595a6ca4a6b
7b096cfae2525b059116d8b86e549bf6ae43fdcc78a90c72a3a42236d5caac52
7dbb6ceb938165ad38e226f4a0a50d0b2bc2a59f95c64caffe92a083bb7101d4
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
80e66296a0e785e3cc19809ed93b74703d7e768c03d2eada3badca52dd27ef64
878a4f1b47e555c54778a38536f458ff0176f3f9c6f0e2764c2c0dd081c86efa
88ce1658ba2be3aff3ee7f42554d9ee76bcc30bcc037343bb1b81de28d4fde55
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
95abaca5a5f710cf478b0360960174ac2153a14f8e875794d2dda4df164263ae
979c609807875125b8ec1db7f4414a378a9e29c0dd8184bf7653a7ae52eca2c2
9d3fb964b8ce3d568784ea5165f3821e84242b33cdf03305f5ab9dde70cf61ce
9dbb63d80117871fa00d9750af1b2c223b449f4c1525acb5040b932eb4241208
a0e06102ffd9d34b251fbf44f82f72025838a6e9220a5e78e473fb8162822bce
a2bfecfe18c5752df616d64c3e0e8e909d26f168e9b764778d70d4f5771092ce
a54feec32cf37e1aaa1e81139f47487f3ce884ff2188329da9d78dc35a204ec3
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bf091f26e0956a5868ecb095198d1d2c8b11707602106292c8b88de49995b1f7
c1a6e5fda58b66eb968470d311e14b89bbcdacff622c985c490796aea0e1f834
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c7a674df31c1c2c7f3310ceed8e8e2243e22cf1a38c6ddedbd8d045891fdcccf
c93380f71bab57d15c959a18670753a916d470527ace7beb5b119f851fcedbab
cab2395492e689393f4384aa6c526264253d1872ca05d1ce9a2e743c661d0bc0
cb8e4c9428bd82ff15d02b527e9dad30aefef0efe0516ac202dbb8f1b8e320f7
d6ec41b2408ba46a257150e2e6ea7389e1c3ddff49bc0db821f62b371f5cc4a5
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc8e02e4c8cbc847c79e57f90b4255e2d1fdc8938b8f63455eb8187f0981e6f9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e396897cca14063a3f4a473c19abca306a1eda652fbd6da5f7d37c4c81c41736
e3ad907e499584dd836b99d39ab55cd0d83a3e2e2c3029a2ac2f8cb757bb1db6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ed957d4626abb7a1f34c1842566c2d09eacd7764f1c7be7bb09f5db5afcbd6de
ee2142d2d84e169a6f92e80040206a8ec7e7cd466fa0f131aee972c4ff512a78
f252a047f9dfad47818bd0f2a42487e719c8de0e9c0d0bf6e29eb7e3d2835829
f55623b3cea4c97af0d0e39ddd297a2f4a90769153fa8ff592cbf2318ac80f73
f6050e54c0c05177678a800112feb5049ed12498e467459e9f6690fdbe641163
f6cd320c5ba515fef3997afe473332231160a2cb715f1a99679a7cefa1cf0be0
fba67d08e60f2178d9725dc3cb7a1b7106b1a1831ae66543e2ccc27cd81e95b9
fc7851d85e3a071b8ebfe213f2eb716ade4ac37424fb1acc303d8f94042015e6
fd435b2174c2323147a144baab9fd98aaf684cf40bc248eee03a636425fabe42
fef220df8fc6b0e5b86f10511750a9e03d5ab1de896a1bc4519f860d0683fc75
ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8