onlysfree.com Open in urlscan Pro
147.135.84.19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://onlysfree.com/
Effective URL:
https://onlysfree.com/
Submission: On June 10 via manual (June 10th 2022, 8:41:05 pm UTC) from GT — Scanned from DE

Summary HTTP 38 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 38 HTTP transactions. The main IP is 147.135.84.19, located in United States and belongs to OVH, FR. The main domain is onlysfree.com.
TLS certificate: Issued by R3 on June 8th 2022. Valid for: 3 months.

This is the only time onlysfree.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 15	147.135.84.19 147.135.84.19	16276 (OVH) (OVH)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	45.88.202.101 45.88.202.101	58110 (IPVOLUME) (IPVOLUME)
1	2606:4700:440... 2606:4700:4400::6812:28db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	91.149.224.12 91.149.224.12	58110 (IPVOLUME) (IPVOLUME)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3038::6815:ea38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
38	10

15 147.135.84.19 (United States) 2 redirects

ASN16276 (OVH, FR)
PTR: server37.imagina.com.co

onlysfree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 45.88.202.101 (Norway)

ASN58110 (IPVOLUME, CH)

z.zz.fo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:28db (United States)

ASN13335 (CLOUDFLARENET, US)

thumbs2.redgifs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.149.224.12 (Norway) 1 redirects

ASN58110 (IPVOLUME, CH)
PTR: static.91.149.224.12.sibyl.li

fs-01.cyberdrop.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

img-01.cyberdrop.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3038::6815:ea38 (United States)

ASN13335 (CLOUDFLARENET, US)

z.zz.ht	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	onlysfree.com 2 redirects onlysfree.com	220 KB
11	zz.fo z.zz.fo	2 MB
5	cyberdrop.to 1 redirects fs-01.cyberdrop.to img-01.cyberdrop.to — Cisco Umbrella Rank: 872967	2 MB
4	zz.ht z.zz.ht	91 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 434	47 KB
1	gstatic.com fonts.gstatic.com	33 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 55	1 KB
1	redgifs.com thumbs2.redgifs.com — Cisco Umbrella Rank: 69467	1 KB
38	8

	Domain	Requested by
15	onlysfree.com	2 redirects onlysfree.com
11	z.zz.fo	onlysfree.com
4	z.zz.ht	onlysfree.com
4	fs-01.cyberdrop.to	1 redirects onlysfree.com
2	cdn.jsdelivr.net	onlysfree.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	onlysfree.com
1	img-01.cyberdrop.to	onlysfree.com
1	thumbs2.redgifs.com	onlysfree.com
38	9

This site contains links to these domains. Also see Links.

Domain
t.me
discord.gg
www.reddit.com
sendvid.com
www.youtube.com

Subject Issuer	Validity	Valid
*.onlysfree.com R3	`2022-06-08` - `2022-09-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
z.zz.fo R3	`2022-05-05` - `2022-08-03`	3 months	crt.sh
redgifs.com Cloudflare Inc ECC CA-3	`2021-10-26` - `2022-10-25`	a year	crt.sh
cyberdrop.to R3	`2022-04-12` - `2022-07-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://onlysfree.com/
Frame ID: 55827D39F71B862A26AA3FEA91470E4D
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OnlysFree.com

Page URL History Show full URLs

http://onlysfree.com/ Page URL
http://onlysfree.com/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=15082338 HTTP 302
http://onlysfree.com/ HTTP 301
https://onlysfree.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

38
Requests

92 %
HTTPS

67 %
IPv6

8
Domains

9
Subdomains

10
IPs

3
Countries

4335 kB
Transfer

8876 kB
Size

3
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/Palamerdamenu
Title: Telegram

Search URL Search Domain Scan URL

URL: https://discord.gg/
Title: Discord

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/Pala_Merda_Vault
Title: Reddit

Search URL Search Domain Scan URL

URL: https://sendvid.com/
Title: FOR MOBILE

Search URL Search Domain Scan URL

URL: https://www.youtube.com/
Title: FOR DESKTOP

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://onlysfree.com/ Page URL
http://onlysfree.com/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=15082338 HTTP 302
http://onlysfree.com/ HTTP 301
https://onlysfree.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://fs-01.cyberdrop.to/InShot_20211021_161309065-PtlFQFSC.jpg HTTP 302
https://img-01.cyberdrop.to/InShot_20211021_161309065-PtlFQFSC.jpg

38 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
onlysfree.com/ 1 KB
2 KB 829ms
98ms Document
text/html 147.135.84.19
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://onlysfree.com/
Protocol: HTTP/1.1
Server: 147.135.84.19 , United States, ASN16276 (OVH, FR),
Reverse DNS: server37.imagina.com.co
Software: imunify360-webshield/1.18 /
Resource Hash: 0448a17ad53bb6453256021dbbc5745becfa2eacdbd29efe78bacb4ae520d1a6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Connection: close
Content-Type: text/html
Date: Fri, 10 Jun 2022 20:41:00 GMT
Last-Modified: Friday, 10-Jun-2022 20:41:00 GMT
Server: imunify360-webshield/1.18
Transfer-Encoding: chunked
cf-edge-cache: no-cache

GET
H2

200

Primary Request / Show response
onlysfree.com/
Redirect Chain

http://onlysfree.com/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=15082338
http://onlysfree.com/
https://onlysfree.com/

61 KB
12 KB

699ms
511ms

Document
text/html

147.135.84.19
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onlysfree.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.135.84.19 , United States, ASN16276 (OVH, FR),
Reverse DNS: server37.imagina.com.co
Software: imunify360-webshield/1.18 / PHP/7.4.29
Resource Hash: 4dd9020c23828902c2491cfa2582461487944aee21ed519ac31e65dc2b967a1b

Request headers

Referer: http://onlysfree.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 10 Jun 2022 20:41:01 GMT
server: imunify360-webshield/1.18
vary: Accept-Encoding
x-powered-by: PHP/7.4.29
x-turbo-charged-by: LiteSpeed

Redirect headers

Connection: close
Content-Length: 707
Content-Type: text/html
Date: Fri, 10 Jun 2022 20:41:00 GMT
Server: imunify360-webshield/1.18
location: https://onlysfree.com/
x-turbo-charged-by: LiteSpeed

GET
H2 200 main.css
onlysfree.com/assets/css/ 61 KB
9 KB 94ms
93ms Stylesheet
text/css 147.135.84.19
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onlysfree.com/assets/css/main.css?v2022-06-10-20:41:01
Requested by: Host: onlysfree.com
URL: https://onlysfree.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.135.84.19 , United States, ASN16276 (OVH, FR),
Reverse DNS: server37.imagina.com.co
Software: imunify360-webshield/1.18 /
Resource Hash: b3cb2c3999a1856c68c17e2256448c1ba28e305cc45d06dfa97e0e1675cf134e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 20:41:01 GMT
content-encoding: br
last-modified: Mon, 10 Jan 2022 14:34:22 GMT
server: imunify360-webshield/1.18
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 8512
expires: Fri, 17 Jun 2022 20:41:01 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta1/dist/css/ 150 KB
24 KB 77ms
34ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta1/dist/css/bootstrap.min.css

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0267260045096457f26914277f49eef5da5ec54ac6aee8579be4810332e518b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://onlysfree.com/
Origin: https://onlysfree.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 20:41:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7039138
x-jsd-version: 5.0.0-beta1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19174-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"25617-q3SIoVyTmtfFSq15BDC3uaLXfq4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tp1PD67IcITnq2hx6JFU8YV%2FufnzPMHugiRKqrTUXM5MvhigoBTueBorIzMYmhXBNXxg%2BIb1ZVUlnpot2SP%2B55s7LIp1j%2Blt1e6146q0syM9ECwDiLfFgKBhtQRkB6fTkAsao%2F8UE6Pph31B42Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 7194ece89c38909c-FRA

GET
H2 200 tSAGB.jpg
z.zz.fo/ 74 KB
75 KB 83ms
52ms Image
image/jpeg 45.88.202.101
IPVOLUME

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z.zz.fo/tSAGB.jpg

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.88.202.101 , Norway, ASN58110 (IPVOLUME, CH),

Reverse DNS

Software

nginx /

Resource Hash

03877c2aa693f4066c2d403e832e6000e0d7df6a0ea9d527d3392b4ebff17895

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content
etag: "a6efe896d4d2d962dbe909446155dbdb"
x-amz-request-id: 16F188238827A096
x-cache-status: STALE
x-amz-meta-mtime: 1653242362
x-amz-meta-ctime: 1653242362
x-amz-meta-mode: 33188
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-length: 75747
x-xss-protection: 1; mode=block
x-amz-meta-gid: 0
x-amz-bucket-region: no-south-1
last-modified: Sun, 22 May 2022 17:59:23 GMT
server: nginx
date: Fri, 10 Jun 2022 20:41:01 GMT
x-amz-meta-uid: 0
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1296000
no-gzip-compression: true
accept-ranges: bytes
x-content-type-options: nosniff
x-amz-meta-atime: 1653242362
expires: Sat, 25 Jun 2022 20:41:01 GMT

GET
H2 200 nALag.jpg
z.zz.fo/ 66 KB
66 KB 1641ms
1610ms Image
image/jpeg 45.88.202.101
IPVOLUME

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z.zz.fo/nALag.jpg

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.88.202.101 , Norway, ASN58110 (IPVOLUME, CH),

Reverse DNS

Software

nginx /

Resource Hash

8ad459066a0a2a421b347b964c1cd3b58fe4c4665538c5292888f4dd171247bf

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content
etag: "60962857525b91c0690b1f6b30d63cb3"
x-amz-request-id: 16F18823881E43A8
x-cache-status: STALE
x-amz-meta-mtime: 1653242328
x-amz-meta-ctime: 1653242328
x-amz-meta-mode: 33188
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-length: 67389
x-xss-protection: 1; mode=block
x-amz-meta-gid: 0
x-amz-bucket-region: no-south-1
last-modified: Sun, 22 May 2022 17:58:49 GMT
server: nginx
date: Fri, 10 Jun 2022 20:41:01 GMT
x-amz-meta-uid: 0
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1296000
no-gzip-compression: true
accept-ranges: bytes
x-content-type-options: nosniff
x-amz-meta-atime: 1653242328
expires: Sat, 25 Jun 2022 20:41:01 GMT

GET
H2 200 EaUMe.jpg
z.zz.fo/ 66 KB
67 KB 1642ms
1611ms Image
image/jpeg 45.88.202.101
IPVOLUME

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z.zz.fo/EaUMe.jpg

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.88.202.101 , Norway, ASN58110 (IPVOLUME, CH),

Reverse DNS

Software

nginx /

Resource Hash

9febb552f0ae38b53272ff0fbd15a8001918bdc635bafbe14e76e07d7bf94422

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content
etag: "97c16cc0f183692f3ec7b1563dd76e98"
x-amz-request-id: 16F188238898D28A
x-cache-status: STALE
x-amz-meta-mtime: 1653242331
x-amz-meta-ctime: 1653242331
x-amz-meta-mode: 33188
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-length: 67457
x-xss-protection: 1; mode=block
x-amz-meta-gid: 0
x-amz-bucket-region: no-south-1
last-modified: Sun, 22 May 2022 17:58:52 GMT
server: nginx
date: Fri, 10 Jun 2022 20:41:01 GMT
x-amz-meta-uid: 0
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1296000
no-gzip-compression: true
accept-ranges: bytes
x-content-type-options: nosniff
x-amz-meta-atime: 1653242331
expires: Sat, 25 Jun 2022 20:41:01 GMT

GET
H2 200 bT0aS.jpg
z.zz.fo/ 84 KB
85 KB 1642ms
1611ms Image
image/jpeg 45.88.202.101
IPVOLUME

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z.zz.fo/bT0aS.jpg

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.88.202.101 , Norway, ASN58110 (IPVOLUME, CH),

Reverse DNS

Software

nginx /

Resource Hash

f206b0b96ba307d7bec030738bd12ded2c2d8bd4b5dc81f1a805f9f6729da19d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content
etag: "687f4138add26215fecdf7b91be3e250"
x-amz-request-id: 16F1882386E79271
x-cache-status: STALE
x-amz-meta-mtime: 1653242394
x-amz-meta-ctime: 1653242394
x-amz-meta-mode: 33188
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-length: 86308
x-xss-protection: 1; mode=block
x-amz-meta-gid: 0
x-amz-bucket-region: no-south-1
last-modified: Sun, 22 May 2022 17:59:54 GMT
server: nginx
date: Fri, 10 Jun 2022 20:41:01 GMT
x-amz-meta-uid: 0
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1296000
no-gzip-compression: true
accept-ranges: bytes
x-content-type-options: nosniff
x-amz-meta-atime: 1653242393
expires: Sat, 25 Jun 2022 20:41:01 GMT

GET
H2 200 Wx1ak.jpg
z.zz.fo/ 104 KB
104 KB 1642ms
1611ms Image
image/jpeg 45.88.202.101
IPVOLUME

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z.zz.fo/Wx1ak.jpg

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.88.202.101 , Norway, ASN58110 (IPVOLUME, CH),

Reverse DNS

Software

nginx /

Resource Hash

7ac8061110140f3f51ed05e9d910504d6365db7773ebda21f475d9f27bf004ec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content
etag: "64c432e8e79d465a481564de4611e68e"
x-amz-request-id: 16F1882388101110
x-cache-status: STALE
x-amz-meta-mtime: 1653242387
x-amz-meta-ctime: 1653242387
x-amz-meta-mode: 33188
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-length: 106197
x-xss-protection: 1; mode=block
x-amz-meta-gid: 0
x-amz-bucket-region: no-south-1
last-modified: Sun, 22 May 2022 17:59:47 GMT
server: nginx
date: Fri, 10 Jun 2022 20:41:01 GMT
x-amz-meta-uid: 0
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1296000
no-gzip-compression: true
accept-ranges: bytes
x-content-type-options: nosniff
x-amz-meta-atime: 1653242387
expires: Sat, 25 Jun 2022 20:41:01 GMT

GET
H2 200 qijfP.jpg
z.zz.fo/ 84 KB
85 KB 1641ms
1611ms Image
image/jpeg 45.88.202.101
IPVOLUME

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z.zz.fo/qijfP.jpg

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.88.202.101 , Norway, ASN58110 (IPVOLUME, CH),

Reverse DNS

Software

nginx /

Resource Hash

af24d3e3dcfdeb98050bdfde8eb64db370e3540e3f28543e8afba1e0b5d0ab79

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content
etag: "6e53c186659a2c3316bb8591bcffe53d"
x-amz-request-id: 16F1882387B94F6A
x-cache-status: STALE
x-amz-meta-mtime: 1653242415
x-amz-meta-ctime: 1653242415
x-amz-meta-mode: 33188
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-length: 86325
x-xss-protection: 1; mode=block
x-amz-meta-gid: 0
x-amz-bucket-region: no-south-1
last-modified: Sun, 22 May 2022 18:00:15 GMT
server: nginx
date: Fri, 10 Jun 2022 20:41:01 GMT
x-amz-meta-uid: 0
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1296000
no-gzip-compression: true
accept-ranges: bytes
x-content-type-options: nosniff
x-amz-meta-atime: 1653242415
expires: Sat, 25 Jun 2022 20:41:01 GMT

GET
H2 200 NIwxe.jpg
z.zz.fo/ 119 KB
119 KB 1603ms
1602ms Image
image/jpeg 45.88.202.101
IPVOLUME

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z.zz.fo/NIwxe.jpg

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.88.202.101 , Norway, ASN58110 (IPVOLUME, CH),

Reverse DNS

Software

nginx /

Resource Hash

747b1234151a8f30a171376ef3c64bd2e496884a2ae102fb1f329181f994073e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content
etag: "5bba480145a7acfe72147e61d00b2e31"
x-amz-request-id: 16F18829ADD02550
x-cache-status: STALE
x-amz-meta-mtime: 1653242330
x-amz-meta-ctime: 1653242330
x-amz-meta-mode: 33188
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-length: 121458
x-xss-protection: 1; mode=block
x-amz-meta-gid: 0
x-amz-bucket-region: no-south-1
last-modified: Sun, 22 May 2022 17:58:50 GMT
server: nginx
date: Fri, 10 Jun 2022 20:41:02 GMT
x-amz-meta-uid: 0
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1296000
no-gzip-compression: true
accept-ranges: bytes
x-content-type-options: nosniff
x-amz-meta-atime: 1653242330
expires: Sat, 25 Jun 2022 20:41:02 GMT

GET
H2 200 fEalZ.jpg
z.zz.fo/ 128 KB
129 KB 1603ms
1603ms Image
image/jpeg 45.88.202.101
IPVOLUME

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z.zz.fo/fEalZ.jpg

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.88.202.101 , Norway, ASN58110 (IPVOLUME, CH),

Reverse DNS

Software

nginx /

Resource Hash

201dc7cf656e2ecbb3ed17caa88e5bca25a41abe5a25f46672a4c2348ef676a2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content
etag: "0eb85e5bdb0ffd15493d9e3fbfe3ad39"
x-amz-request-id: 16F1882386CC8254
x-cache-status: STALE
x-amz-meta-mtime: 1653242383
x-amz-meta-ctime: 1653242383
x-amz-meta-mode: 33188
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-length: 131477
x-xss-protection: 1; mode=block
x-amz-meta-gid: 0
x-amz-bucket-region: no-south-1
last-modified: Sun, 22 May 2022 17:59:43 GMT
server: nginx
date: Fri, 10 Jun 2022 20:41:02 GMT
x-amz-meta-uid: 0
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1296000
no-gzip-compression: true
accept-ranges: bytes
x-content-type-options: nosniff
x-amz-meta-atime: 1653242383
expires: Sat, 25 Jun 2022 20:41:02 GMT

GET
H2 200 430sc.jpg
z.zz.fo/ 90 KB
91 KB 1603ms
1603ms Image
image/jpeg 45.88.202.101
IPVOLUME

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z.zz.fo/430sc.jpg

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.88.202.101 , Norway, ASN58110 (IPVOLUME, CH),

Reverse DNS

Software

nginx /

Resource Hash

999d9f6acf344181e6f3114587d6ae25757ca225e97c308c8e9b8d826d4f676c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content
etag: "a4ad0a5d993a58d8491c4b4952eeb43f"
x-amz-request-id: 16F1882388147F8B
x-cache-status: STALE
x-amz-meta-mtime: 1653242368
x-amz-meta-ctime: 1653242368
x-amz-meta-mode: 33188
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-length: 92034
x-xss-protection: 1; mode=block
x-amz-meta-gid: 0
x-amz-bucket-region: no-south-1
last-modified: Sun, 22 May 2022 17:59:28 GMT
server: nginx
date: Fri, 10 Jun 2022 20:41:02 GMT
x-amz-meta-uid: 0
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1296000
no-gzip-compression: true
accept-ranges: bytes
x-content-type-options: nosniff
x-amz-meta-atime: 1653242367
expires: Sat, 25 Jun 2022 20:41:02 GMT

GET
H2 200 2kFtR.jpg
z.zz.fo/ 98 KB
99 KB 1603ms
1603ms Image
image/jpeg 45.88.202.101
IPVOLUME

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z.zz.fo/2kFtR.jpg

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.88.202.101 , Norway, ASN58110 (IPVOLUME, CH),

Reverse DNS

Software

nginx /

Resource Hash

9bd94accd8c739e0d9d31a73b91f2dea77b4e549c4d2a65e433385b423f3423a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content
etag: "f673aa8f260601be582547bf1c67ad91"
x-amz-request-id: 16F18829ADF5724E
x-cache-status: STALE
x-amz-meta-mtime: 1653242340
x-amz-meta-ctime: 1653242340
x-amz-meta-mode: 33188
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-length: 100449
x-xss-protection: 1; mode=block
x-amz-meta-gid: 0
x-amz-bucket-region: no-south-1
last-modified: Sun, 22 May 2022 17:59:01 GMT
server: nginx
date: Fri, 10 Jun 2022 20:41:02 GMT
x-amz-meta-uid: 0
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1296000
no-gzip-compression: true
accept-ranges: bytes
x-content-type-options: nosniff
x-amz-meta-atime: 1653242339
expires: Sat, 25 Jun 2022 20:41:02 GMT

GET
H2 404 AbsolutePotableAltiplanochinchillamouse-small.gif
thumbs2.redgifs.com/ 1 KB
1 KB 253ms
208ms Image
image/jpeg 2606:4700:4400::6812:28db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumbs2.redgifs.com/AbsolutePotableAltiplanochinchillamouse-small.gif

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:28db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 20:41:01 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1097
x-xss-protection: 0
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
vary: Origin, Accept-Encoding
cache-control: no-cache
cf-ray: 7194ece8ddb55caa-FRA
expires: Sat, 11 Jun 2022 00:41:01 GMT

GET
H2 200 8qHP1.jpg
z.zz.fo/ 1 MB
1 MB 1604ms
1603ms Image
image/jpeg 45.88.202.101
IPVOLUME

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z.zz.fo/8qHP1.jpg

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.88.202.101 , Norway, ASN58110 (IPVOLUME, CH),

Reverse DNS

Software

nginx /

Resource Hash

110f8527ebb496f11b4174da982240969c49adb4b0dd9eae08a7c49acde1a334

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content
etag: "c2bb2ff73a662e03bae02daf161ac628"
x-amz-request-id: 16D2D0223CAE83C9
x-cache-status: STALE
x-amz-meta-mtime: 1634852095
x-amz-meta-ctime: 1634852095
x-amz-meta-mode: 33188
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-length: 1501348
x-xss-protection: 1; mode=block
x-amz-meta-gid: 0
x-amz-bucket-region: no-south-1
last-modified: Thu, 21 Oct 2021 21:34:55 GMT
server: nginx
date: Fri, 10 Jun 2022 20:41:02 GMT
x-amz-meta-uid: 0
vary: Origin
content-type: image/jpeg
cache-control: max-age=1296000
accept-ranges: bytes
x-content-type-options: nosniff
x-amz-meta-atime: 1634852095
expires: Sat, 25 Jun 2022 20:41:02 GMT

GET
H2

200

InShot_20211021_161309065-PtlFQFSC.jpg
img-01.cyberdrop.to/
Redirect Chain

https://fs-01.cyberdrop.to/InShot_20211021_161309065-PtlFQFSC.jpg
https://img-01.cyberdrop.to/InShot_20211021_161309065-PtlFQFSC.jpg

1 MB
1 MB

73ms
26ms

Image
image/jpeg

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-01.cyberdrop.to/InShot_20211021_161309065-PtlFQFSC.jpg

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcac4cd85d9d3921824ce584d71726128a889bfc4cb8ce14f4bd7fa53828ca2c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; media-src 'self';
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 20:41:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1199600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1550942
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Oct 2021 22:28:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6171e99a-17aa5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tkJcveBN%2FUmMzvv2UsJTQKj4CfpkYbEi4tbLg2D6005dkYLPPA5%2B5UZ1tiWbPzO1WUzKckxfe3zrgFx9%2Bn20PhVHtZ9ZOyKXYXzz6S6h%2BJcZ0uBualhLMYK%2F4JD7hIpAABUQUVbAWO3wC5XLuJSHwPA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, no-transform
x-nexus: fs-24-1
content-security-policy: default-src 'none'; img-src 'self'; media-src 'self';
accept-ranges: bytes
cf-ray: 7194ece99f109b74-FRA
expires: Sat, 27 May 2023 23:27:41 GMT

Redirect headers

location: https://img-01.cyberdrop.to/InShot_20211021_161309065-PtlFQFSC.jpg
date: Fri, 10 Jun 2022 20:41:01 GMT
cache-control: max-age=31536000, public, no-transform
server: nginx
content-type: text/html
content-length: 138
expires: Sat, 10 Jun 2023 20:41:01 GMT

GET
H2 200 searchComponent.js Show response
onlysfree.com/assets/js/ 528 B
464 B 95ms
91ms Script
application/javascript 147.135.84.19
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onlysfree.com/assets/js/searchComponent.js?v20220610
Requested by: Host: onlysfree.com
URL: https://onlysfree.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.135.84.19 , United States, ASN16276 (OVH, FR),
Reverse DNS: server37.imagina.com.co
Software: imunify360-webshield/1.18 /
Resource Hash: ad52d960a701ac9a83810eb2ae02da4e150b9a9cff3cd4170ea20baff2db6300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 20:41:01 GMT
content-encoding: br
last-modified: Mon, 10 Jan 2022 14:34:21 GMT
server: imunify360-webshield/1.18
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 197
expires: Fri, 17 Jun 2022 20:41:01 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
onlysfree.com/assets/js/ 87 KB
30 KB 148ms
145ms Script
application/javascript 147.135.84.19
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onlysfree.com/assets/js/jquery-3.5.1.min.js
Requested by: Host: onlysfree.com
URL: https://onlysfree.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.135.84.19 , United States, ASN16276 (OVH, FR),
Reverse DNS: server37.imagina.com.co
Software: imunify360-webshield/1.18 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 20:41:01 GMT
content-encoding: br
last-modified: Mon, 10 Jan 2022 14:34:21 GMT
server: imunify360-webshield/1.18
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30280
expires: Fri, 17 Jun 2022 20:41:01 GMT

GET
H2 200 browser.min.js Show response
onlysfree.com/assets/js/ 2 KB
1008 B 149ms
146ms Script
application/javascript 147.135.84.19
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onlysfree.com/assets/js/browser.min.js
Requested by: Host: onlysfree.com
URL: https://onlysfree.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.135.84.19 , United States, ASN16276 (OVH, FR),
Reverse DNS: server37.imagina.com.co
Software: imunify360-webshield/1.18 /
Resource Hash: 63572a849a602527e0deeca58b30c53e3d43f07be21b4ba24b30832062da875c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 20:41:01 GMT
content-encoding: br
last-modified: Mon, 10 Jan 2022 14:34:22 GMT
server: imunify360-webshield/1.18
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 741
expires: Fri, 17 Jun 2022 20:41:01 GMT

GET
H2 200 breakpoints.min.js Show response
onlysfree.com/assets/js/ 2 KB
1012 B 150ms
146ms Script
application/javascript 147.135.84.19
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onlysfree.com/assets/js/breakpoints.min.js
Requested by: Host: onlysfree.com
URL: https://onlysfree.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.135.84.19 , United States, ASN16276 (OVH, FR),
Reverse DNS: server37.imagina.com.co
Software: imunify360-webshield/1.18 /
Resource Hash: 6986954512ea7fc9ea45934177dfc8aca9ed69dd08976114b0eb39a3e58d201d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 20:41:01 GMT
content-encoding: br
last-modified: Mon, 10 Jan 2022 14:34:21 GMT
server: imunify360-webshield/1.18
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 745
expires: Fri, 17 Jun 2022 20:41:01 GMT

GET
H2 200 util.js Show response
onlysfree.com/assets/js/ 12 KB
3 KB 186ms
183ms Script
application/javascript 147.135.84.19
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onlysfree.com/assets/js/util.js
Requested by: Host: onlysfree.com
URL: https://onlysfree.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.135.84.19 , United States, ASN16276 (OVH, FR),
Reverse DNS: server37.imagina.com.co
Software: imunify360-webshield/1.18 /
Resource Hash: b5424d77c6e517893b9adc5a6cf11428e58461ad9768ad056d918ff1d295c5f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 20:41:01 GMT
content-encoding: br
last-modified: Mon, 10 Jan 2022 14:34:22 GMT
server: imunify360-webshield/1.18
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: h3-34=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-27=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3028
expires: Fri, 17 Jun 2022 20:41:01 GMT

GET
H2 200 main.js Show response
onlysfree.com/assets/js/ 6 KB
2 KB 187ms
183ms Script
application/javascript 147.135.84.19
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onlysfree.com/assets/js/main.js
Requested by: Host: onlysfree.com
URL: https://onlysfree.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.135.84.19 , United States, ASN16276 (OVH, FR),
Reverse DNS: server37.imagina.com.co
Software: imunify360-webshield/1.18 /
Resource Hash: e553c6ae0d5e8d70d36c9dc5b0e4afc77f0067b0312a26f7398d9ad14108a258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 20:41:01 GMT
content-encoding: br
last-modified: Mon, 10 Jan 2022 14:34:21 GMT
server: imunify360-webshield/1.18
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: h3-34=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-27=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1737
expires: Fri, 17 Jun 2022 20:41:01 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta1/dist/js/ 79 KB
23 KB 75ms
70ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta1/dist/js/bootstrap.bundle.min.js

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

886a0d1005f4d663e11473c81ea20b2b9d618372313df55223d2c571dffc5698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://onlysfree.com/
Origin: https://onlysfree.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 20:41:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7039138
x-jsd-version: 5.0.0-beta1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19137-FRA, cache-hhn4029-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"13bb5-zUKjci8NkL/tAMsum+NysHqoVi8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMD7cPRpLtT%2B%2FKlh57gJgyKkECHWex%2FWdzsmek0OElUtM3YATOguUbGRCBe7G9AsVnszgHOaZ%2BaSRjQp6YPwZS3yRn0uIzMb%2FuNZ14RnMA1nR1T%2FMaZGwV8V5SNnVPx91dHHxc21ekJ77HLXtHE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 7194ece89c39909c-FRA

GET
H2 200 DarkMode.js Show response
onlysfree.com/assets/js/ 3 KB
1 KB 187ms
184ms Script
application/javascript 147.135.84.19
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onlysfree.com/assets/js/DarkMode.js
Requested by: Host: onlysfree.com
URL: https://onlysfree.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.135.84.19 , United States, ASN16276 (OVH, FR),
Reverse DNS: server37.imagina.com.co
Software: imunify360-webshield/1.18 /
Resource Hash: 5961da7b93c907f7a9604f2eda995b23a6530ce2ecd95737c76b1c851ac48fe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 20:41:01 GMT
content-encoding: br
last-modified: Mon, 10 Jan 2022 14:34:21 GMT
server: imunify360-webshield/1.18
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: h3-34=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-27=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 618
expires: Fri, 17 Jun 2022 20:41:01 GMT

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc9e8cc05e3e311d68c5b09d4534cdb791e24299ae1c06fdf9c2c4f3e8ad91b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 206 InShot_20211021_155706651-JLD4B3aC.mp4
fs-01.cyberdrop.to/ 39 KB
0 1684ms
1603ms Media
video/mp4 91.149.224.12
IPVOLUME

General

Check archive.org

Show headers Download Go to

Full URL

https://fs-01.cyberdrop.to/InShot_20211021_155706651-JLD4B3aC.mp4

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.149.224.12 , Norway, ASN58110 (IPVOLUME, CH),

Reverse DNS

static.91.149.224.12.sibyl.li

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; media-src 'self';
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onlysfree.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 10 Jun 2022 20:41:03 GMT
last-modified: Thu, 21 Oct 2021 22:26:12 GMT
server: nginx
etag: "6171e904-27910f"
x-frame-options: SAMEORIGIN
content-type: video/mp4
Content-Range: bytes 0-2593038/2593039
cache-control: max-age=31536000, public, no-transform
x-nexus: fs-24-1
content-security-policy: default-src 'none'; img-src 'self'; media-src 'self';
Content-Length: 2593039
x-xss-protection: 1; mode=block
expires: Sat, 10 Jun 2023 20:41:03 GMT

GET
H2 206 ts4qi.mp4
z.zz.ht/ 60 KB
0 85ms
45ms Media
video/mp4 2606:4700:3038::6815:ea38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://z.zz.ht/ts4qi.mp4

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onlysfree.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 10 Jun 2022 20:41:01 GMT
x-content-type-options: nosniff
cf-cache-status: STALE
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 16F274A7C4D7A4AD
Content-Range: bytes 0-13612098/13612099
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 13612099
x-xss-protection: 1; mode=block
x-amz-bucket-region: no-south-1
last-modified: Tue, 21 Sep 2021 01:12:23 GMT
server: cloudflare
etag: "91049dc1a48fe05fc3f177b993128302"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wfi1Uot68%2FgUuOm23zKxzaE4x12VDhKmvaCVohhX5vUALgB4i1ovSvW3EDvlfCfZNTHvtL0U8gdlcQRcma56r94gV1XxA2gOHYSj1Zt5dFpzX2zcLvs7zs6lme%2BO23WjNNQxaHDh"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
content-security-policy: block-all-mixed-content
cf-ray: 7194ece94b4a9963-FRA
x-amz-meta-mtime: 1620600462.311151472

GET
H2 200 fontawesome-all.min.css
onlysfree.com/assets/css/ 55 KB
12 KB 132ms
132ms Stylesheet
text/css 147.135.84.19
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onlysfree.com/assets/css/fontawesome-all.min.css
Requested by: Host: onlysfree.com
URL: https://onlysfree.com/assets/css/main.css?v2022-06-10-20:41:01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.135.84.19 , United States, ASN16276 (OVH, FR),
Reverse DNS: server37.imagina.com.co
Software: imunify360-webshield/1.18 /
Resource Hash: c3937df2f85d56068eeafb080d2445a3c9a25e3a30c7881904bea8de118071fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/assets/css/main.css?v2022-06-10-20:41:01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 20:41:01 GMT
content-encoding: br
last-modified: Mon, 10 Jan 2022 14:34:22 GMT
server: imunify360-webshield/1.18
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 11729
expires: Fri, 17 Jun 2022 20:41:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 136ms
51ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,400italic,600,700italic|Roboto+Slab:400,700

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/assets/css/main.css?v2022-06-10-20:41:01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3e579a1ccb2bc652b61564d863c63b838b2b3f53d53f296d6f48bde196d27e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onlysfree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 20:41:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 10 Jun 2022 20:41:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Jun 2022 20:41:01 GMT

GET
H2 206 ts4qi.mp4
z.zz.ht/ 77 KB
77 KB 1153ms
1152ms Media
video/mp4 2606:4700:3038::6815:ea38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://z.zz.ht/ts4qi.mp4

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d242161a7304184a3321780468bbd09c5983a48bc6eda254ab9ca11d5ca37c3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onlysfree.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range: bytes=13533184-

Response headers

date: Fri, 10 Jun 2022 20:41:02 GMT
x-content-type-options: nosniff
cf-cache-status: STALE
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 16F274A7C4D7A4AD
Content-Range: bytes 13533184-13612098/13612099
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 78915
x-xss-protection: 1; mode=block
x-amz-bucket-region: no-south-1
last-modified: Tue, 21 Sep 2021 01:12:23 GMT
server: cloudflare
etag: "91049dc1a48fe05fc3f177b993128302"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkbmNNMAHw1kU6cYwPlks0XIOjnMIZ2g%2FEVd9l1kqAbZ%2F36RknRwu1RyEgHl75YO17vemdOzaEQcudUuBTvU4y5TReWWuHTOqis1yNPvy68DyHPA024ddTOLn87%2FSdBZgfeOwfMF"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
content-security-policy: block-all-mixed-content
cf-ray: 7194ece99bd89963-FRA
x-amz-meta-mtime: 1620600462.311151472

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v23/ 32 KB
33 KB 121ms
37ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v23/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,400italic,600,700italic|Roboto+Slab:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://onlysfree.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 22:19:20 GMT
x-content-type-options: nosniff
age: 253301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32876
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:18:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 22:19:20 GMT

GET
H3-Q050 200 fa-brands-400.woff2
onlysfree.com/assets/webfonts/ 73 KB
73 KB 191ms
94ms Font
font/woff2 147.135.84.19
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onlysfree.com/assets/webfonts/fa-brands-400.woff2
Requested by: Host: onlysfree.com
URL: https://onlysfree.com/assets/css/fontawesome-all.min.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 147.135.84.19 , United States, ASN16276 (OVH, FR),
Reverse DNS: server37.imagina.com.co
Software: LiteSpeed /
Resource Hash: 1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473

Request headers

Referer: https://onlysfree.com/assets/css/fontawesome-all.min.css
Origin: https://onlysfree.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 20:41:01 GMT
last-modified: Mon, 10 Jan 2022 14:34:18 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 74508
expires: Fri, 17 Jun 2022 20:41:01 GMT

GET
H3-Q050 200 fa-solid-900.woff2
onlysfree.com/assets/webfonts/ 74 KB
74 KB 190ms
94ms Font
font/woff2 147.135.84.19
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onlysfree.com/assets/webfonts/fa-solid-900.woff2
Requested by: Host: onlysfree.com
URL: https://onlysfree.com/assets/css/fontawesome-all.min.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 147.135.84.19 , United States, ASN16276 (OVH, FR),
Reverse DNS: server37.imagina.com.co
Software: LiteSpeed /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer: https://onlysfree.com/assets/css/fontawesome-all.min.css
Origin: https://onlysfree.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 20:41:01 GMT
last-modified: Mon, 10 Jan 2022 14:34:18 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 75440
expires: Fri, 17 Jun 2022 20:41:01 GMT

GET ts4qi.mp4
z.zz.ht/ 0
0

GET
H3 206 ts4qi.mp4
z.zz.ht/ 13 KB
14 KB 48ms
47ms Media
video/mp4 2606:4700:3038::6815:ea38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://z.zz.ht/ts4qi.mp4

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:ea38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87859479c5dae8437c4f758649af3737cc5ba82e65a87a89f8d9e6b8806b32dc

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onlysfree.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range: bytes=13598720-

Response headers

date: Fri, 10 Jun 2022 20:41:02 GMT
x-content-type-options: nosniff
cf-cache-status: STALE
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 16F274A7C4D7A4AD
Content-Range: bytes 13598720-13612098/13612099
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 13379
x-xss-protection: 1; mode=block
x-amz-bucket-region: no-south-1
last-modified: Tue, 21 Sep 2021 01:12:23 GMT
server: cloudflare
etag: "91049dc1a48fe05fc3f177b993128302"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3BYUHkRlakaVown1QSy73vDxlyu%2Fc%2BFYKdecDUYa%2BJXhuqDfDP7eSpC1hfcyjZCWmJeqLpSOobj3llEpUuRfaOyFqww0iSvVFjmditgfZqUmbBXQ%2Bdd0g2Jsu6YMPzutpx1nA1f"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
content-security-policy: block-all-mixed-content
cf-ray: 7194ecf0d9e05c9e-FRA
x-amz-meta-mtime: 1620600462.311151472

GET
H3 206 ts4qi.mp4
z.zz.ht/ 4 MB
0 45ms
45ms Media
video/mp4 2606:4700:3038::6815:ea38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://z.zz.ht/ts4qi.mp4

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:ea38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onlysfree.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range: bytes=32768-

Response headers

date: Fri, 10 Jun 2022 20:41:02 GMT
x-content-type-options: nosniff
cf-cache-status: STALE
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 16F274A7C4D7A4AD
Content-Range: bytes 32768-13612098/13612099
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 13579331
x-xss-protection: 1; mode=block
x-amz-bucket-region: no-south-1
last-modified: Tue, 21 Sep 2021 01:12:23 GMT
server: cloudflare
etag: "91049dc1a48fe05fc3f177b993128302"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSszXXzT%2FgtCzFckHndO8hfw1jfNlOgzEncauGnjNXXMNhj633wL8MQgcIpCnvbUV0tEHtYJ5y%2Bpliv0tsslocRNa9h5yN5tkVyuWafvaVgp7UnOPxH7szoqFUOeq%2Bqg9DIBBfmb"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
content-security-policy: block-all-mixed-content
cf-ray: 7194ecf17ae35c9e-FRA
x-amz-meta-mtime: 1620600462.311151472

GET
H2 206 InShot_20211021_155706651-JLD4B3aC.mp4
fs-01.cyberdrop.to/ 36 KB
37 KB 174ms
172ms Media
video/mp4 91.149.224.12
IPVOLUME

General

Check archive.org

Show headers Download Go to

Full URL

https://fs-01.cyberdrop.to/InShot_20211021_155706651-JLD4B3aC.mp4

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.149.224.12 , Norway, ASN58110 (IPVOLUME, CH),

Reverse DNS

static.91.149.224.12.sibyl.li

Software

nginx /

Resource Hash

c16b27b28427bc1deea88cf0fe094c42a7df36e016c8a6b24800d339042c89ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; media-src 'self';
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onlysfree.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range: bytes=2555904-

Response headers

date: Fri, 10 Jun 2022 20:41:03 GMT
last-modified: Thu, 21 Oct 2021 22:26:12 GMT
server: nginx
etag: "6171e904-27910f"
x-frame-options: SAMEORIGIN
content-type: video/mp4
Content-Range: bytes 2555904-2593038/2593039
cache-control: max-age=31536000, public, no-transform
x-nexus: fs-24-1
content-security-policy: default-src 'none'; img-src 'self'; media-src 'self';
Content-Length: 37135
x-xss-protection: 1; mode=block
expires: Sat, 10 Jun 2023 20:41:03 GMT

GET
H2 206 InShot_20211021_155706651-JLD4B3aC.mp4
fs-01.cyberdrop.to/ 225 KB
0 174ms
174ms Media
video/mp4 91.149.224.12
IPVOLUME

General

Check archive.org

Show headers Download Go to

Full URL

https://fs-01.cyberdrop.to/InShot_20211021_155706651-JLD4B3aC.mp4

Requested by

Host: onlysfree.com
URL: https://onlysfree.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.149.224.12 , Norway, ASN58110 (IPVOLUME, CH),

Reverse DNS

static.91.149.224.12.sibyl.li

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; media-src 'self';
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onlysfree.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range: bytes=32768-

Response headers

date: Fri, 10 Jun 2022 20:41:04 GMT
last-modified: Thu, 21 Oct 2021 22:26:12 GMT
server: nginx
etag: "6171e904-27910f"
x-frame-options: SAMEORIGIN
content-type: video/mp4
Content-Range: bytes 32768-2593038/2593039
cache-control: max-age=31536000, public, no-transform
x-nexus: fs-24-1
content-security-policy: default-src 'none'; img-src 'self'; media-src 'self';
Content-Length: 2560271
x-xss-protection: 1; mode=block
expires: Sat, 10 Jun 2023 20:41:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: z.zz.ht
URL: https://z.zz.ht/ts4qi.mp4

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onlysfree.com/	1970-01-20 04:24:45	Name: wschkid Value: 110a3e8eaddaafe021c3eca306caade7ee7d82f3.1654980060.1
onlysfree.com/	1970-01-20 03:41:40	Name: XSRF-TOKEN Value: eyJpdiI6IjN6OGR4YldtZnFoRGZtMFo4ZVJOZXc9PSIsInZhbHVlIjoiNVBRYUtLOWo2OWVPZnlsNWFabU9YVlFSTDA1NGVHYVd4UUtWQS8wWU5XYnZJRjBHd01oV1UrNndNc0RpNGgvQjNqdTN0MGFHMUhwN1dtN2ZzWitJTmZYa1hxTHIyZjh4Q0Y1MnUvL05DMjIxTDV3S1JuNTNYamRTT1RpK3dqVk8iLCJtYWMiOiIzMmY1ZDA4NzY1ZmRmYzE4OWJjOThlOGY5YjNiYzQwMDFmYzRmOWQ3MmJmZTc0YjZlMWQ0Y2ZjNzhjNzM1NjIwIn0%3D
onlysfree.com/	1970-01-20 03:41:40	Name: onlysfreecom_session Value: eyJpdiI6IjhqR1V4TjJzZ0NBTldRUUJZRTlGOWc9PSIsInZhbHVlIjoiQUxrbFlzaTBKYThkbkJUWHpNazZEUC85WU1RM01sN0YzYytVOEJPbHJ6M2tsUXA1VExmdEQxZXhqSkhKUVNlckdrT1pUeSs5aU5Way80UVZVaDdWY0czSUdPNSt3WStGOFYrZklQSzNHS3l6SjJGSFdUejFlMUU5K2lLRGRKcGciLCJtYWMiOiI0M2U1NDdkZTYxMzQzY2ZmYThlYTdiNDRiMGUxZmE1ZjNkZDgwZWNhOWY1NGFlZTYwYTdiMjRkZjBlOWI1YWE4In0%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://thumbs2.redgifs.com/AbsolutePotableAltiplanochinchillamouse-small.gif Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
fs-01.cyberdrop.to
img-01.cyberdrop.to
onlysfree.com
thumbs2.redgifs.com
z.zz.fo
z.zz.ht
z.zz.ht
147.135.84.19
2606:4700:3038::6815:ea38
2606:4700:4400::6812:28db
2606:4700::6810:5514
2a00:1450:4001:810::200a
2a00:1450:4001:82a::2003
2a06:98c1:3121::3
45.88.202.101
91.149.224.12
0267260045096457f26914277f49eef5da5ec54ac6aee8579be4810332e518b6
03877c2aa693f4066c2d403e832e6000e0d7df6a0ea9d527d3392b4ebff17895
0448a17ad53bb6453256021dbbc5745becfa2eacdbd29efe78bacb4ae520d1a6
110f8527ebb496f11b4174da982240969c49adb4b0dd9eae08a7c49acde1a334
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473
201dc7cf656e2ecbb3ed17caa88e5bca25a41abe5a25f46672a4c2348ef676a2
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46
2d242161a7304184a3321780468bbd09c5983a48bc6eda254ab9ca11d5ca37c3
3e579a1ccb2bc652b61564d863c63b838b2b3f53d53f296d6f48bde196d27e27
4dd9020c23828902c2491cfa2582461487944aee21ed519ac31e65dc2b967a1b
5961da7b93c907f7a9604f2eda995b23a6530ce2ecd95737c76b1c851ac48fe8
63572a849a602527e0deeca58b30c53e3d43f07be21b4ba24b30832062da875c
6986954512ea7fc9ea45934177dfc8aca9ed69dd08976114b0eb39a3e58d201d
747b1234151a8f30a171376ef3c64bd2e496884a2ae102fb1f329181f994073e
7ac8061110140f3f51ed05e9d910504d6365db7773ebda21f475d9f27bf004ec
87859479c5dae8437c4f758649af3737cc5ba82e65a87a89f8d9e6b8806b32dc
886a0d1005f4d663e11473c81ea20b2b9d618372313df55223d2c571dffc5698
8ad459066a0a2a421b347b964c1cd3b58fe4c4665538c5292888f4dd171247bf
999d9f6acf344181e6f3114587d6ae25757ca225e97c308c8e9b8d826d4f676c
9bd94accd8c739e0d9d31a73b91f2dea77b4e549c4d2a65e433385b423f3423a
9febb552f0ae38b53272ff0fbd15a8001918bdc635bafbe14e76e07d7bf94422
ad52d960a701ac9a83810eb2ae02da4e150b9a9cff3cd4170ea20baff2db6300
af24d3e3dcfdeb98050bdfde8eb64db370e3540e3f28543e8afba1e0b5d0ab79
b3cb2c3999a1856c68c17e2256448c1ba28e305cc45d06dfa97e0e1675cf134e
b5424d77c6e517893b9adc5a6cf11428e58461ad9768ad056d918ff1d295c5f6
bcac4cd85d9d3921824ce584d71726128a889bfc4cb8ce14f4bd7fa53828ca2c
c16b27b28427bc1deea88cf0fe094c42a7df36e016c8a6b24800d339042c89ef
c3937df2f85d56068eeafb080d2445a3c9a25e3a30c7881904bea8de118071fa
cc9e8cc05e3e311d68c5b09d4534cdb791e24299ae1c06fdf9c2c4f3e8ad91b1
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
e553c6ae0d5e8d70d36c9dc5b0e4afc77f0067b0312a26f7398d9ad14108a258
f206b0b96ba307d7bec030738bd12ded2c2d8bd4b5dc81f1a805f9f6729da19d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

onlysfree.com Open in urlscan Pro 147.135.84.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

92 %HTTPS

67 %IPv6

8 Domains

9 Subdomains

10 IPs

3 Countries

4335 kBTransfer

8876 kBSize

3 Cookies

5 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

onlysfree.com Open in urlscan Pro
147.135.84.19 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

92 %
HTTPS

67 %
IPv6

8
Domains

9
Subdomains

10
IPs

3
Countries

4335 kB
Transfer

8876 kB
Size

3
Cookies

38 HTTP transactions
1 data transactions