freeethereum.com Open in urlscan Pro
2606:4700:3032::ac43:d3e1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://freeethereum.com/
Effective URL:
https://freeethereum.com/
Submission: On August 05 via manual (August 5th 2020, 2:01:46 am UTC) from PH

Summary HTTP 62 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 17 IPs in 6 countries across 23 domains to perform 62 HTTP transactions. The main IP is 2606:4700:3032::ac43:d3e1, located in United States and belongs to CLOUDFLARENET, US. The main domain is freeethereum.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 31st 2020. Valid for: a year.

This is the only time freeethereum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	2606:4700:303... 2606:4700:3032::ac43:d3e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
17	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:20:... 2606:4700:20::ac43:4a9e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	109.206.162.83 109.206.162.83	50245 (SERVEREL-AS) (SERVEREL-AS)
1	151.101.113.44 151.101.113.44	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
2	148.251.13.139 148.251.13.139	24940 (HETZNER-AS) (HETZNER-AS)
1 2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	18.194.69.213 18.194.69.213	16509 (AMAZON-02) (AMAZON-02)
1 2	18.195.171.24 18.195.171.24	16509 (AMAZON-02) (AMAZON-02)
2 2	99.80.249.40 99.80.249.40	16509 (AMAZON-02) (AMAZON-02)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.105.245.4 23.105.245.4	7979 (SERVERS-COM) (SERVERS-COM)
2 2	136.243.56.16 136.243.56.16	24940 (HETZNER-AS) (HETZNER-AS)
2 2	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE)
2 2	35.212.212.222 35.212.212.222	19527 (GOOGLE-2) (GOOGLE-2)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE)
62	17

5 2606:4700:3032::ac43:d3e1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

freeethereum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.19.135.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:4a9e (United States)

ASN13335 (CLOUDFLARENET, US)

ad.bitmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.162.83 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 83.162.serverel.net

pkhhyool.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.13.139 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.139.13.251.148.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.194.69.213 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-69-213.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.171.24 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-171-24.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.249.40 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.245.4 (Russian Federation)

ASN7979 (SERVERS-COM, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.56.16 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.210.2 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (Mountain View, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	mgid.com jsc.mgid.com servicer.mgid.com cm.mgid.com cdn.mgid.com s-img.mgid.com c.mgid.com	206 KB
6	bitmedia.io ad.bitmedia.io	18 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	freeethereum.com 1 redirects freeethereum.com	50 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	161 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	822 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net	1 KB
2	adhigh.net 2 redirects px.adhigh.net	945 B
2	adsrvr.org 2 redirects match.adsrvr.org	902 B
2	360yield.com 1 redirects ad.360yield.com	842 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	a-ads.com ad.a-ads.com
1	google.com www.google.com
1	lentainform.com cm.lentainform.com	328 B
1	idealmedia.io cm.idealmedia.io	555 B
1	taboola.com cdn.taboola.com	210 B
1	pkhhyool.com pkhhyool.com	9 KB
1	recaptcha.net www.recaptcha.net	904 B
1	imgur.com i.imgur.com	102 KB
0	mixmarket.biz Failed udata.mixmarket.biz Failed
0	cryptoimgs.com Failed www.cryptoimgs.com Failed
62	23

	Domain	Requested by
7	cm.mgid.com	jsc.mgid.com freeethereum.com
6	s-img.mgid.com	freeethereum.com
6	ad.bitmedia.io	freeethereum.com ad.bitmedia.io
5	x.bidswitch.net	5 redirects
5	freeethereum.com	1 redirects freeethereum.com
3	fonts.gstatic.com	freeethereum.com jsc.mgid.com
3	fonts.googleapis.com	freeethereum.com jsc.mgid.com
2	rtb-usw.mfadsrvr.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	px.adhigh.net	2 redirects
2	match.adsrvr.org	2 redirects
2	ad.360yield.com	1 redirects freeethereum.com
2	ad.a-ads.com	freeethereum.com
1	www.google.com	www.gstatic.com
1	www.gstatic.com	www.recaptcha.net
1	c.mgid.com	freeethereum.com
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	cm.lentainform.com	freeethereum.com
1	cm.idealmedia.io	freeethereum.com
1	eus.rubiconproject.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	cdn.mgid.com	freeethereum.com
1	servicer.mgid.com	jsc.mgid.com
1	cdn.taboola.com	freeethereum.com
1	pkhhyool.com	freeethereum.com
1	www.recaptcha.net	freeethereum.com
1	i.imgur.com	freeethereum.com
1	jsc.mgid.com	freeethereum.com
0	udata.mixmarket.biz Failed	freeethereum.com
0	www.cryptoimgs.com Failed	freeethereum.com
62	31

This site contains links to these domains. Also see Links.

Domain
twitter.com
widgets.mgid.com
www.mgid.com
freenem.com
freecardano.com
coinfaucet.io
freebitcoin.io
freesteam.io
freetether.com
freeusdcoin.com
freebinancecoin.com
free-tron.com
roobet.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-31` - `2021-07-31`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
misc.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
pkhhyool.com Let's Encrypt Authority X3	`2020-07-09` - `2020-10-07`	3 months	crt.sh
*.taboola.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2020-09-10`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.a-ads.com COMODO RSA Domain Validation Secure Server CA	`2018-11-14` - `2020-12-09`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.360yield.com Amazon	`2019-09-24` - `2020-10-24`	a year	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2020-01-09` - `2021-01-20`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://freeethereum.com/
Frame ID: 1F9D0AB96D2B9F1D8F98A9DD0C976D7F
Requests: 56 HTTP requests in this frame

Frame: https://ad.a-ads.com/1440813?size=300x250
Frame ID: 7C23E86934C6B608A8D003BA18A28336
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1440814?size=200x200
Frame ID: 7B664DF78D7B7CE274D2FDFB318C1E8F
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1596592871656456248766
Frame ID: 25AA1C3954F3C5DEE60FB115CC489CAC
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: BA557C60192D07D4A7EC0B78AD21007B
Requests: 1 HTTP requests in this frame

Frame: https://ad.bitmedia.io/p/5f216f6af3b4ec3d84c4905a/?source=https%3A%2F%2Ffreeethereum.com%2F&ref=&ent=46&we=1&fid=84cca29cb8d4dcd7423f0b34e5d40c59&fidnoua=49ae339d064561a0fa1bbc6bad7f8327&impid=97e4484bee783aa29b4aec7f820b7210&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Frame ID: D8E37CE45BC2209D27B21C7E29820455
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdNCbUUAAAAACehnS4dFR4JeqUuXakMcTnUIeBB&co=aHR0cHM6Ly9mcmVlZXRoZXJldW0uY29tOjQ0Mw..&hl=en&v=IU7gZ7o6RDdDE6U4Y1YJJWnN&size=invisible&cb=lezqk4s7b999
Frame ID: 93332846034D5CB247264BEA13E77C5E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://freeethereum.com/ HTTP 301
https://freeethereum.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

html /<div[^>]+class="g-recaptcha"/i

Page Statistics

62
Requests

73 %
HTTPS

32 %
IPv6

23
Domains

31
Subdomains

17
IPs

6
Countries

549 kB
Transfer

1277 kB
Size

0
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/cryptosfaucets

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=freeethereum.com&utm_medium=referral&utm_campaign=widgets&utm_content=969823

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805583/i/129774/0/pp/1/1?h=DJIRa0TWmvVTP1PDgM0zwVmTLeJT29s0EBV-v7tiRI9OtkQ4lPBTi0ZRNWeGApPK&rid=885df946-d6bf-11ea-8930-d094662c24f7&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/5097651/i/129774/0/pp/2/1?h=DJIRa0TWmvVTP1PDgM0zwTClygLDuFgK1YRU0VRPEB_IRUZ00O-vnvvU_r5D23pX&rid=885df946-d6bf-11ea-8930-d094662c24f7&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3859219/i/129774/0/pp/3/1?h=DJIRa0TWmvVTP1PDgM0zwSf3-kGAfM0Aimmo5G8iWaMx4DlEPISC0QGquDd1Tv-W&rid=885df946-d6bf-11ea-8930-d094662c24f7&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/6288110/i/129774/0/pp/4/1?h=DJIRa0TWmvVTP1PDgM0zwSAcXPVLr_EmH1RpnN5vU8TZXMDdjb3LPkZsW34nl-M6&rid=885df946-d6bf-11ea-8930-d094662c24f7&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805472/i/129774/0/pp/5/1?h=DJIRa0TWmvVTP1PDgM0zwaMlevSzXdghLmUgDPxUNLeOahWJqYpeXnBVEcT2dBep&rid=885df946-d6bf-11ea-8930-d094662c24f7&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805664/i/129774/0/pp/6/1?h=DJIRa0TWmvVTP1PDgM0zwVrQ5HBS4pHoFTALzNGeLwCRkQmYwKwiwzHP4pZSrFiZ&rid=885df946-d6bf-11ea-8930-d094662c24f7&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://freenem.com/

Search URL Search Domain Scan URL

URL: https://freecardano.com/

Search URL Search Domain Scan URL

URL: https://coinfaucet.io/

Search URL Search Domain Scan URL

URL: https://freebitcoin.io/

Search URL Search Domain Scan URL

URL: https://freesteam.io/

Search URL Search Domain Scan URL

URL: https://freetether.com/

Search URL Search Domain Scan URL

URL: https://freeusdcoin.com/

Search URL Search Domain Scan URL

URL: https://freebinancecoin.com/

Search URL Search Domain Scan URL

URL: https://free-tron.com/

Search URL Search Domain Scan URL

URL: https://roobet.com/?ref=freeethereum

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://freeethereum.com/ HTTP 301
https://freeethereum.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 302
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 46

https://x.bidswitch.net/sync?dsp_id=303&user_id=k74aykXPtb1j HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k74aykXPtb1j HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=2a37a876-035b-48f9-97fc-d43c96d610ff HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=2a37a876-035b-48f9-97fc-d43c96d610ff

Request Chain 47

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=a359ba04-6492-454b-bca1-ce32d2c3153c&ttl=1599184871

Request Chain 50

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid HTTP 302
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid&bounced=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=9&user_id=uey7OOYnTJCn.AikABlFzvFhcCg&expires=30&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=2a37a876-035b-48f9-97fc-d43c96d610ff

Request Chain 51

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azc0YXlrWFB0YjFq&muidn=k74aykXPtb1j HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azc0YXlrWFB0YjFq&muidn=k74aykXPtb1j&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=k74aykXPtb1j&google_ula={guid},5&google_gid=CAESEJPzQjPpvUtxxgCPoqAyC_s&google_cver=1

Request Chain 52

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=cfc4fed1-7de4-4bf5-a250-cff1152fd6f7

Request Chain 53

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=9W4Htd5to0dNyLjXXFfh&pi=mgid&tc=1

62 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
freeethereum.com/
Redirect Chain

http://freeethereum.com/
https://freeethereum.com/

31 KB
7 KB

505ms
470ms

Document
text/html

2606:4700:3032::ac43:d3e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d3e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b75e93bbbc583b1f6852d60391bc69d82c2637940af8adc47a519fd8897d1584

Request headers

:method: GET
:authority: freeethereum.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 05 Aug 2020 02:01:09 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d4cc09894248121528c46a996fb55bef41596592869; expires=Fri, 04-Sep-20 02:01:09 GMT; path=/; domain=.freeethereum.com; HttpOnly; SameSite=Lax; Secure XSRF-TOKEN=eyJpdiI6IkpuTW1EZVJvNkRaUmtpZHpTclwvdVRBPT0iLCJ2YWx1ZSI6IkhBTkFYeUR2Rng1bjEzdmx3YUQyRVRkV01pWWtJdSsxZEtKcjBFRVR6c3dOTkdLVU1oQVwvemlZUE5zWW41UnJKIiwibWFjIjoiMGY3OTZhMTQ3M2ExZWM5ZjBmODhmYjNiNjIyZjViNmJiNGI1ZmNjMTVkN2JkOWNmYjVlNmZjYjkwNzBjZGFkNiJ9; expires=Thu, 06-Aug-2020 02:01:09 GMT; Max-Age=86400; path=/ coinmaster_session=eyJpdiI6InY5T1RiXC9IRkJWRnF5a1NpMHo2enp3PT0iLCJ2YWx1ZSI6IldmREFKaXVUUXBJVFRPVXRya0FrZVFjN3FBbjJtUjQ3RzBFUnhUUVwvVThhbm5KeVRua3JsXC9lMTBhQ1wvbDFtMUwiLCJtYWMiOiJiNDA0NTRjZWY4MGVjNzk1YzExZDRkOGFhMDhiMzQ4Y2E4OTBiYjgzNDJjMDA1N2YxYTIzZDUxYjdmMTRlY2ViIn0%3D; expires=Thu, 06-Aug-2020 02:01:09 GMT; Max-Age=86400; path=/; httponly
cache-control: no-cache, private max-age=2592000
expires: Fri, 04 Sep 2020 02:01:09 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 045df2e89c00009bcd93b6e200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5bdcedba99889bcd-AMS
content-encoding: br

Redirect headers

Date: Wed, 05 Aug 2020 02:01:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 05 Aug 2020 03:01:09 GMT
Location: https://freeethereum.com/
cf-request-id: 045df2e86700000c652539b200000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5bdcedba38d80c65-AMS

GET
H2 200 css
fonts.googleapis.com/ 2 KB
672 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: freeethereum.com
URL: https://freeethereum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 05 Aug 2020 02:01:10 GMT
server: ESF
date: Wed, 05 Aug 2020 02:01:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Aug 2020 02:01:10 GMT

GET
H2 200 app.css
freeethereum.com/css/ 223 KB
38 KB 28ms
26ms Stylesheet
text/css 2606:4700:3032::ac43:d3e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freeethereum.com/css/app.css?id=275eb76260b1e10e1d9b
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d3e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8afcbbb162052120275d230259ff330a75fc8c0bbe09070ed2ed021b433ec0ce

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 02:01:10 GMT
content-encoding: br
cf-cache-status: HIT
age: 365726
cf-polished: origSize=227966
status: 200
cf-request-id: 045df2ea7d00009bcd93b79200000001
last-modified: Fri, 31 Jul 2020 18:31:11 GMT
server: cloudflare
etag: W/"37a7e-5abc0fe3ecb79-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Sun, 30 Aug 2020 20:25:44 GMT
cache-control: max-age=2592000
cf-ray: 5bdcedbd9ad79bcd-AMS
cf-bgj: minify

GET
H2 200 iconfont.css
freeethereum.com/css/ 11 KB
2 KB 37ms
36ms Stylesheet
text/css 2606:4700:3032::ac43:d3e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freeethereum.com/css/iconfont.css?id=22846a0fc040d265e3cc
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d3e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88edeb0da79da2ee0a1c7a42eaa5ea314965319d967c439b3e9c4eda2b1c010b

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 02:01:10 GMT
content-encoding: br
cf-cache-status: HIT
age: 365699
cf-polished: origSize=14361
status: 200
cf-request-id: 045df2ea7d00009bcd93b7a200000001
last-modified: Fri, 31 Jul 2020 18:31:11 GMT
server: cloudflare
etag: W/"3819-5abc0fe4003f9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Sun, 30 Aug 2020 20:26:11 GMT
cache-control: max-age=2592000
cf-ray: 5bdcedbd9ad89bcd-AMS
cf-bgj: minify

GET
H2 200 freeethereum.css
freeethereum.com/css/ 7 KB
2 KB 56ms
55ms Stylesheet
text/css 2606:4700:3032::ac43:d3e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freeethereum.com/css/freeethereum.css?v=1.4
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d3e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d0187880dfc6f9a491684bf8f988e8d7e3904dc6ee6272c1e10836dceeb5441

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 02:01:10 GMT
content-encoding: br
cf-cache-status: HIT
age: 365699
cf-polished: origSize=9226
status: 200
cf-request-id: 045df2ea7d00009bcd93b7b200000001
last-modified: Thu, 30 Jul 2020 18:54:44 GMT
server: cloudflare
etag: W/"240a-5abad34a2a205-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Sun, 30 Aug 2020 20:26:11 GMT
cache-control: max-age=2592000
cf-ray: 5bdcedbd9ad99bcd-AMS
cf-bgj: minify

GET logo-main.png
www.cryptoimgs.com/img/freeethereum/ 0
0

GET
H2 200 freeethereum.com.969823.js Show response
jsc.mgid.com/f/r/ 293 KB
80 KB 75ms
40ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/r/freeethereum.com.969823.js
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73cf9bd74a1fc7f95aeb49dc1544633b823d91f018f5fa182fbf7cc0a3499d51

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 02:01:10 GMT
content-encoding: br
cf-cache-status: HIT
age: 1406
cf-polished: origSize=300072
status: 200
last-modified: Tue, 04 Aug 2020 13:31:42 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 4E80EE6DF0F7A3CB
x-amz-id-2: 2v3hPgqZ9B+dZOmYGLeQurNBSypys+4/1tBxCv8NOkk5LPbO3aEJDVh126oNaPnEjMk2baBysgQ=
cf-bgj: minify
server: cloudflare
etag: W/"a8dd91e7b393156db9248bcfa52b1f8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 045df2eadc00009cb1d1b01200000001
cf-ray: 5bdcedbe2b679cb1-AMS
expires: Wed, 05 Aug 2020 03:01:10 GMT

GET home-bottom-banner.jpg
www.cryptoimgs.com/img/freeethereum/ 0
0

GET partner-logo.png
www.cryptoimgs.com/img/freenem/ 0
0

GET partner-logo.png
www.cryptoimgs.com/img/freecardano/ 0
0

GET partner-logo.png
www.cryptoimgs.com/img/coinfaucet/ 0
0

GET partner-logo.png
www.cryptoimgs.com/img/freebitcoin/ 0
0

GET partner-logo.png
www.cryptoimgs.com/img/freesteam/ 0
0

GET partner-logo.png
www.cryptoimgs.com/img/freetether/ 0
0

GET partner-logo.png
www.cryptoimgs.com/img/freeusdcoin/ 0
0

GET partner-logo.png
www.cryptoimgs.com/img/freebinancecoin/ 0
0

GET partner-logo.png
www.cryptoimgs.com/img/freetron/ 0
0

GET
H2 200 5f216f6af3b4ec3d84c4905a Show response
ad.bitmedia.io/js/adbybm.js/ 70 KB
17 KB 134ms
101ms Script
application/javascript 2606:4700:20::ac43:4a9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.bitmedia.io/js/adbybm.js/5f216f6af3b4ec3d84c4905a

Requested by

Host: freeethereum.com
URL: https://freeethereum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ddb8e1ae52bfc17a11c345ab2b1c51fcb7ab9fcb28a9fd7f8eab9dad9a2a42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 02:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
cf-request-id: 045df2ead900009c152280d200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800, public
cf-ray: 5bdcedbe2e659c15-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Wed, 05 Aug 2020 02:31:10 GMT

GET
H2 200 wlHPayV.jpg
i.imgur.com/ 101 KB
102 KB 69ms
22ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/wlHPayV.jpg

Requested by

Host: freeethereum.com
URL: https://freeethereum.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

ae52ae228197923eb20efed582cbd3383d6df4a6767187f757cac2dd18aecd1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 02:01:10 GMT
x-content-type-options: nosniff
age: 5528500
x-cache: HIT, HIT
status: 200
content-length: 103886
x-served-by: cache-bwi5120-BWI, cache-fra19130-FRA
last-modified: Tue, 02 Jun 2020 02:19:30 GMT
server: cat factory 1.0
x-timer: S1596592870.123946,VS0,VE1
etag: "2d7842970aa8980ced80374465e795fa"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3, 1

GET app.js
www.cryptoimgs.com/js/ 0
0

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 731 B
904 B 98ms
51ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=explicit&onload=onScriptLoad

Requested by

Host: freeethereum.com
URL: https://freeethereum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8ab45cbbae433c652f495d697ea596e94e5972e500f2d757a25b570c825a591c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 02:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 468
x-xss-protection: 1; mode=block
expires: Wed, 05 Aug 2020 02:01:10 GMT

GET
H/1.1 200
OK lib.js Show response
pkhhyool.com/pn21ywqw/z/sc/scssx/1775409/ 23 KB
9 KB 72ms
20ms Script
text/javascript 109.206.162.83
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pkhhyool.com/pn21ywqw/z/sc/scssx/1775409/lib.js

Requested by

Host: freeethereum.com
URL: https://freeethereum.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),

Reverse DNS

83.162.serverel.net

Software

nginx /

Resource Hash

8efa9f5f991ea185c87e822128ce5fe7177c8c14137c27d63f5b99a3188c5884

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 05 Aug 2020 02:01:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 2 KB
607 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: freeethereum.com
URL: https://freeethereum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b58d5490059a38ce2030dda0ee7328a793fcb05a163ceeea5b38ae4b8504b15b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 05 Aug 2020 00:05:12 GMT
server: ESF
date: Wed, 05 Aug 2020 02:01:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Aug 2020 02:01:10 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/digitechservices-freeethereum/ 14 B
210 B 162ms
118ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/digitechservices-freeethereum/loader.js
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: c0c07d5e1cc6e9994f621fb965165bc0106d1a26a04e70bd13c0778af0b93e37

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 02:01:10 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1596592870.188195,VS0,VE99
x-served-by: cache-hhn4023-HHN
x-cache: HIT
abp: 87
status: 200
cache-control: private,max-age=14401
accept-ranges: bytes, bytes
content-type: application/javascript
content-length: 14
retry-after: 0
x-cache-hits: 0

GET sprites.png
www.cryptoimgs.com/img/freeethereum/ 0
0

GET home-main-banner.jpg
www.cryptoimgs.com/img/freeethereum/ 0
0

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: freeethereum.com
URL: https://freeethereum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans
Origin: https://freeethereum.com

Response headers

date: Mon, 27 Jul 2020 11:36:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 743075
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 27 Jul 2021 11:36:35 GMT

GET
H/1.1 200
OK 1440813
ad.a-ads.com/ Frame 7C23 0
0 89ms
37ms Document
text/html 148.251.13.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1440813?size=300x250

Requested by

Host: freeethereum.com
URL: https://freeethereum.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.139.13.251.148.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://freeethereum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://freeethereum.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 05 Aug 2020 02:01:10 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
Content-Encoding: gzip

GET
H/1.1 200
OK 1440814
ad.a-ads.com/ Frame 7B66 0
0 84ms
34ms Document
text/html 148.251.13.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1440814?size=200x200

Requested by

Host: freeethereum.com
URL: https://freeethereum.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.139.13.251.148.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://freeethereum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://freeethereum.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 05 Aug 2020 02:01:10 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
Content-Encoding: gzip

GET sprites.png
www.cryptoimgs.com/img/freeethereum/ 0
0

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/r/freeethereum.com.969823.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 05 Aug 2020 01:45:49 GMT
server: ESF
date: Wed, 05 Aug 2020 02:01:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Aug 2020 02:01:10 GMT

GET
DATA 200
OK truncated
/ 632 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: freeethereum.com
URL: https://freeethereum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Origin: https://freeethereum.com

Response headers

date: Wed, 29 Jul 2020 22:18:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 531778
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 29 Jul 2021 22:18:12 GMT

GET
H2 200 1 Show response
servicer.mgid.com/969823/ 4 KB
2 KB 68ms
66ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/969823/1?w=1110&h=648&p3_w=358&p3_h=304&cols=3&pv=5&cbuster=1596592870281722324634&uniqId=16f36&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Ffreeethereum.com%2F&pageView=1&pvid=173bc59d38ab57a7d08&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/r/freeethereum.com.969823.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f299bfd239174988432232c1b6882d366ad26e3b59eee064c2a42af56b1d8c6

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Aug 2020 02:01:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bdcedbf5bd89cb1-AMS
content-type: application/x-javascript; charset=utf-8
cf-request-id: 045df2eb9200009cb1d1b03200000001

GET
H2 200 /
ad.bitmedia.io/pv/59f754de9fb624001c97a543/ 35 B
364 B 102ms
102ms Image
image/gif 2606:4700:20::ac43:4a9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.bitmedia.io/pv/59f754de9fb624001c97a543/?source=https%3A%2F%2Ffreeethereum.com%2F&ref=&ent=46&we=1&fid=84cca29cb8d4dcd7423f0b34e5d40c59&fidnoua=49ae339d064561a0fa1bbc6bad7f8327&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0&impid=97e4484bee783aa29b4aec7f820b7210

Requested by

Host: freeethereum.com
URL: https://freeethereum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 02:01:11 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/gif
access-control-allow-origin: *
cf-ray: 5bdcedc7c9bf9c15-AMS
content-length: 35
cf-request-id: 045df2f0dd00009c1522831200000001

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
801 B 73ms
71ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1596592871649605806682
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/r/freeethereum.com.969823.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a90895053ae32ff570a35aba7b59d73ba91fa9349fdc2481c49029b1749a49c7

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 02:01:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: d2ac4704-d9f7-4b25-87b5-d7d7371df698
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 045df2f0e900009cb1d1b18200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bdcedc7def79cb1-AMS

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/r/freeethereum.com.969823.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Origin: https://freeethereum.com

Response headers

date: Wed, 29 Jul 2020 23:10:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 528626
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Thu, 29 Jul 2021 23:10:45 GMT

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 25AA 186 B
473 B 74ms
74ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1596592871656456248766
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/r/freeethereum.com.969823.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 02:01:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 6de5f32f-51b5-40e6-9280-aabcda4cde7a
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 045df2f0f000009cb1d1b1a200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bdcedc7ef019cb1-AMS

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 24ms
21ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 02:01:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 1380
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 045df2f10200009cb1d1b1e200000001
cf-ray: 5bdcedc80f0f9cb1-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2MyNDc3MTBkOGI5MjA2ZDQxMzNkNjUxMmE1ZTM0YjY2LmpwZz90PTE0OTc5ODQzNTM0MTg*.webp
s-img.mgid.com/g/3805583/492x328/56x0x595x396/ 21 KB
22 KB 28ms
26ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805583/492x328/56x0x595x396/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2MyNDc3MTBkOGI5MjA2ZDQxMzNkNjUxMmE1ZTM0YjY2LmpwZz90PTE0OTc5ODQzNTM0MTg*.webp
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 422dd65bdb9fec3f67bcf9274bd99e6bcddea0d84ec870402a49bac4091c690d

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 02:01:11 GMT
cf-cache-status: HIT
age: 7414687
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21930
cf-request-id: 045df2f10100009cb1d1b1c200000001
last-modified: Wed, 03 Jul 2019 13:56:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5bdcedc80f0c9cb1-AMS
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2QzZjQxMWMyNGJkODEzYzQxODdmOGNmM2NmNjI3MTMyLmpwZWc*.webp
s-img.mgid.com/g/5097651/492x328/0x15x820x546/ 29 KB
29 KB 24ms
21ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097651/492x328/0x15x820x546/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2QzZjQxMWMyNGJkODEzYzQxODdmOGNmM2NmNjI3MTMyLmpwZWc*.webp
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1bef92308d8597f102168fbec9d8cae0376ec897663270f14b49d71842917e0

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 02:01:11 GMT
cf-cache-status: HIT
age: 15164838
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29976
cf-request-id: 045df2f10200009cb1d1b1d200000001
last-modified: Tue, 11 Feb 2020 13:32:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5bdcedc80f0e9cb1-AMS
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzA3Zjc2Mzc3NzkwYTRmOWVkMjMwMTI1MWQ5Njg2NDc3LmpwZWc*.webp
s-img.mgid.com/g/3859219/492x328/59x0x1083x722/ 15 KB
16 KB 26ms
24ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3859219/492x328/59x0x1083x722/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzA3Zjc2Mzc3NzkwYTRmOWVkMjMwMTI1MWQ5Njg2NDc3LmpwZWc*.webp
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2721375e510d9968223949e107f53b2d8a230e70303cbe939d25315d6751e192

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 02:01:11 GMT
cf-cache-status: HIT
age: 7414526
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15832
cf-request-id: 045df2f10100009cb1d1b1b200000001
last-modified: Fri, 12 Jul 2019 07:58:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5bdcedc80f0b9cb1-AMS
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0L2ExZTM3ODBhMjg1NjYyODg1OGY0ODY3MzE1ZDg1ZTZmLnBuZw**.webp
s-img.mgid.com/g/6288110/492x328/0x137x1079x719/ 7 KB
7 KB 26ms
26ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6288110/492x328/0x137x1079x719/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0L2ExZTM3ODBhMjg1NjYyODg1OGY0ODY3MzE1ZDg1ZTZmLnBuZw**.webp
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68aee398105a3468e636a73de710bd722672f47b37b3d1e660e3a99120974882

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 02:01:11 GMT
cf-cache-status: HIT
x-mg-request-uuid: db0a72f4-b231-4c15-908f-6a6a39be2483
age: 2279149
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6708
cf-request-id: 045df2f10e00009cb1d1b22200000001
last-modified: Thu, 09 Jul 2020 16:55:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5bdcedc81f189cb1-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZz90PTE0OTAxMjQ3NDc5NDY*.webp
s-img.mgid.com/g/3805472/492x328/0x0x492x328/ 22 KB
22 KB 28ms
28ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805472/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZz90PTE0OTAxMjQ3NDc5NDY*.webp
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 210e8c57220cc2bdc452bbae6cf87d8eb9b6a539b7b6799c812cba32a63803bb

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 02:01:11 GMT
cf-cache-status: HIT
age: 7678537
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22464
cf-request-id: 045df2f10e00009cb1d1b20200000001
last-modified: Wed, 03 Jul 2019 13:04:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5bdcedc81f159cb1-AMS
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp
s-img.mgid.com/g/3805664/492x328/0x0x640x426/ 24 KB
24 KB 24ms
23ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805664/492x328/0x0x640x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ab6cb4eb776f9efe7313cc580c802a49ebf65a4e689867f25d6c3250298435b

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 02:01:11 GMT
cf-cache-status: HIT
age: 27028099
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24432
cf-request-id: 045df2f10e00009cb1d1b21200000001
last-modified: Mon, 08 Jul 2019 08:17:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5bdcedc81f179cb1-AMS
cf-bgj: h2pri

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame BA55
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

65ms
21ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?cbuster=1596592871649605806682
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://freeethereum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://freeethereum.com/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 29 Jul 2020 16:40:43 GMT
Content-Encoding: gzip
Content-Length: 9471
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=16287
Expires: Wed, 05 Aug 2020 06:32:38 GMT
Date: Wed, 05 Aug 2020 02:01:11 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Wed, 05 Aug 2020 02:01:11 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

match
ad.360yield.com/ul_cb/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k74aykXPtb1j
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k74aykXPtb1j
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=2a37a876-035b-48f9-97fc-d43c96d610ff
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=2a37a876-035b-48f9-97fc-d43c96d610ff

43 B
443 B

29ms
29ms

Image
image/gif

18.195.171.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=2a37a876-035b-48f9-97fc-d43c96d610ff
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.171.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-171-24.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 05 Aug 2020 02:01:11 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status: 302
date: Wed, 05 Aug 2020 02:01:11 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=2a37a876-035b-48f9-97fc-d43c96d610ff
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=a359ba04-6492-454b-bca1-ce32d2c3153c&ttl=1599184871

43 B
218 B

69ms
69ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=a359ba04-6492-454b-bca1-ce32d2c3153c&ttl=1599184871
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Aug 2020 02:01:11 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 96282f84-c0bd-45a9-a101-4b10bd215ffb
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bdcedc93f8b9cb1-AMS
content-type: image/gif
cf-request-id: 045df2f1be00009cb1d1b29200000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Wed, 05 Aug 2020 02:01:11 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=a359ba04-6492-454b-bca1-ce32d2c3153c&ttl=1599184871
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
555 B 129ms
83ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=k74aykXPtb1j
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Aug 2020 02:01:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bdcedc8aa27f965-BRU
content-type: image/gif
cf-request-id: 045df2f1650000f96510168200000001

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
328 B 173ms
55ms Image
image/gif 23.105.245.4
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k74aykXPtb1j
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.4 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Aug 2020 02:01:11 GMT
server: nginx/1.19.0
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid&bounced=1
https://x.bidswitch.net/sync?dsp_id=9&user_id=uey7OOYnTJCn.AikABlFzvFhcCg&expires=30&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=2a37a876-035b-48f9-97fc-d43c96d610ff

43 B
226 B

70ms
70ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=2a37a876-035b-48f9-97fc-d43c96d610ff
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Aug 2020 02:01:12 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: dbaf6eb0-b5eb-4576-b1d0-42fb599503ef
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bdcedc9ffd69cb1-AMS
content-type: image/gif
cf-request-id: 045df2f23600009cb1d1b33200000001
server: cloudflare

Redirect headers

status: 302
date: Wed, 05 Aug 2020 02:01:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=2a37a876-035b-48f9-97fc-d43c96d610ff
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azc0YXlrWFB0YjFq&muidn=k74aykXPtb1j
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azc0YXlrWFB0YjFq&muidn=k74aykXPtb1j&google_tc=
https://cm.mgid.com/google?muidn=k74aykXPtb1j&google_ula={guid},5&google_gid=CAESEJPzQjPpvUtxxgCPoqAyC_s&google_cver=1

0
199 B

65ms
65ms

Image
text/plain

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k74aykXPtb1j&google_ula={guid},5&google_gid=CAESEJPzQjPpvUtxxgCPoqAyC_s&google_cver=1
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Aug 2020 02:01:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bdcedc90f7a9cb1-AMS
content-type: text/plain
cf-request-id: 045df2f1a800009cb1d1b27200000001

Redirect headers

pragma: no-cache
date: Wed, 05 Aug 2020 02:01:11 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=k74aykXPtb1j&google_ula={guid},5&google_gid=CAESEJPzQjPpvUtxxgCPoqAyC_s&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=cfc4fed1-7de4-4bf5-a250-cff1152fd6f7

43 B
345 B

75ms
75ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=cfc4fed1-7de4-4bf5-a250-cff1152fd6f7
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Aug 2020 02:01:12 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 601de767-f44a-4113-a4db-fb063f95edbd
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bdcedcd18e99cb1-AMS
content-type: image/gif
cf-request-id: 045df2f42a00009cb1d1b3e200000001
server: cloudflare

Redirect headers

date: Wed, 05 Aug 2020 02:01:12 GMT
via: 1.1 google
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: //cm.mgid.com/m?cdsp=287839&c=cfc4fed1-7de4-4bf5-a250-cff1152fd6f7
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=9W4Htd5to0dNyLjXXFfh&pi=mgid&tc=1

43 B
248 B

72ms
71ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=9W4Htd5to0dNyLjXXFfh&pi=mgid&tc=1
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Aug 2020 02:01:12 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 026c21b2-93a2-40e0-a9b0-247b4c96694a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bdcedc9cfc09cb1-AMS
content-type: image/gif
cf-request-id: 045df2f21f00009cb1d1b32200000001
server: cloudflare

Redirect headers

status: 302
pragma: no-cache
date: Wed, 05 Aug 2020 02:01:11 GMT, Wed, 05 Aug 2020 02:01:11 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://cm.mgid.com/m?cdsp=501037&c=9W4Htd5to0dNyLjXXFfh&pi=mgid&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET tr.php
udata.mixmarket.biz/ Frame 25AA 0
0

GET
H2 200 /
ad.bitmedia.io/p/5f216f6af3b4ec3d84c4905a/ Frame D8E3 0
0 124ms
124ms Document
text/html 2606:4700:20::ac43:4a9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.bitmedia.io/p/5f216f6af3b4ec3d84c4905a/?source=https%3A%2F%2Ffreeethereum.com%2F&ref=&ent=46&we=1&fid=84cca29cb8d4dcd7423f0b34e5d40c59&fidnoua=49ae339d064561a0fa1bbc6bad7f8327&impid=97e4484bee783aa29b4aec7f820b7210&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0

Requested by

Host: ad.bitmedia.io
URL: https://ad.bitmedia.io/js/adbybm.js/5f216f6af3b4ec3d84c4905a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: ad.bitmedia.io
:scheme: https
:path: /p/5f216f6af3b4ec3d84c4905a/?source=https%3A%2F%2Ffreeethereum.com%2F&ref=&ent=46&we=1&fid=84cca29cb8d4dcd7423f0b34e5d40c59&fidnoua=49ae339d064561a0fa1bbc6bad7f8327&impid=97e4484bee783aa29b4aec7f820b7210&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://freeethereum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: hid=4c733349dafcae75bfd7cce5911b3d232fd29a7ce9d8c60b60db4766d082c683
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://freeethereum.com/

Response headers

status: 200
date: Wed, 05 Aug 2020 02:01:12 GMT
content-type: text/html
set-cookie: __cfduid=dc2a774115125f8e51a188c62d447ae351596592872; expires=Fri, 04-Sep-20 02:01:12 GMT; path=/; domain=.bitmedia.io; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-request-id: 045df2f27300009c152283f200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 5bdcedca5ac49c15-AMS
content-encoding: br

GET
H2 200 5f216f6af3b4ec3d84c4905a
ad.bitmedia.io/pb/59f754de9fb624001c97a543/ 0
196 B 108ms
108ms Image
text/plain 2606:4700:20::ac43:4a9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.bitmedia.io/pb/59f754de9fb624001c97a543/5f216f6af3b4ec3d84c4905a?type=overlapping&fid=84cca29cb8d4dcd7423f0b34e5d40c59&fidnoua=49ae339d064561a0fa1bbc6bad7f8327&ref=&impid=97e4484bee783aa29b4aec7f820b7210

Requested by

Host: freeethereum.com
URL: https://freeethereum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 02:01:12 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
status: 200
cf-ray: 5bdcedca5abf9c15-AMS
content-length: 0
cf-request-id: 045df2f27200009c152283e200000001

GET
H2 200 /
ad.bitmedia.io/reconfirm/ 35 B
267 B 121ms
120ms Image
image/gif 2606:4700:20::ac43:4a9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.bitmedia.io/reconfirm/?clickid=undefined&token=undefined

Requested by

Host: freeethereum.com
URL: https://freeethereum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Aug 2020 02:01:12 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 5bdcedcbab539c15-AMS
content-length: 35
cf-request-id: 045df2f34600009c1522853200000001

GET
H2 200 /
ad.bitmedia.io/reconfirm/ 35 B
118 B 131ms
131ms Image
image/gif 2606:4700:20::ac43:4a9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.bitmedia.io/reconfirm/?clickid=3cbf0b46-456f-413f-b815-f2382475539c&token=03AGdBq25TGB4V0W1y_kdpiDv-sv7pBshOSdjXmudpKMWzBGhoiTToJbq55twzK22ZBVE8_l2G6rRYSZi6h8rIZHvMqibJeTqW3UTpCvb9nfZnYwJRu_Ey1uVZUDe5N60WTv-EjgrULFUzrJjZQ_ViFrfhzdbKbEFYV1OIeuz3evVh-clQwJ-xUDQ54fvRB0ZjDRHiZ9LaceyzoXaIeYLij1lHuVfEj_C5FjWTraJdByx0AqazHQY2WhShieng6AlqLyez7tq1vW8_ZDecmieC1F7c0WZbnlnhPN0yVGe0D_qMSo1oqbu7UMtX2uxheR0LRzSOxUk_vJCMURht_nuzBtQuGBD0g4dqqr5BtfHFd4ry3KB6gu0I6ywimnkma2SZRFyzkQ7D2OfwGrS989l5BNwuWo52Hu7xgg

Requested by

Host: freeethereum.com
URL: https://freeethereum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Aug 2020 02:01:12 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 5bdcedcebc689c15-AMS
content-length: 35
cf-request-id: 045df2f53200009c1522860200000001

GET
H2 200 c
c.mgid.com/ 43 B
378 B 77ms
64ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=359|239|8|DJIRa0TWmvVTP1PDgM0zwTClygLDuFgK1YRU0VRPEB_IRUZ00O-vnvvU_r5D23pX&fw=1&extjs=66046&v=359|239|8|DJIRa0TWmvVTP1PDgM0zwSf3-kGAfM0Aimmo5G8iWaMx4DlEPISC0QGquDd1Tv-W&v=359|239|8|DJIRa0TWmvVTP1PDgM0zwVmTLeJT29s0EBV-v7tiRI9OtkQ4lPBTi0ZRNWeGApPK&imgdim=1&cid=969823&h2=OhYoaE2KvQNUloliI1BFSvN-fy5S3o8nVYjDcujLCRw*&rid=885df946-d6bf-11ea-8930-d094662c24f7&tt=Direct&pageImp=1&muid=k74aykXPtb1j&cbuster=1596592872760572884261&tpl=0
Requested by: Host: freeethereum.com
URL: https://freeethereum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Aug 2020 02:01:12 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 8a5b4f57-dc7b-4bb8-8b23-6df83300579a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bdcedcee97a9cb1-AMS
content-type: image/gif
cf-request-id: 045df2f54c00009cb1d1b41200000001
server: cloudflare

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/IU7gZ7o6RDdDE6U4Y1YJJWnN/ 332 KB
130 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IU7gZ7o6RDdDE6U4Y1YJJWnN/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=explicit&onload=onScriptLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b49b397871dff384aab300554a8f1745d86e020edd55dea9f1ad58209a1b7563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeethereum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 17:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 Aug 2020 04:06:51 GMT
server: sffe
age: 117520
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133278
x-xss-protection: 0
expires: Tue, 03 Aug 2021 17:22:42 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 9333 0
0 27ms
27ms Document
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdNCbUUAAAAACehnS4dFR4JeqUuXakMcTnUIeBB&co=aHR0cHM6Ly9mcmVlZXRoZXJldW0uY29tOjQ0Mw..&hl=en&v=IU7gZ7o6RDdDE6U4Y1YJJWnN&size=invisible&cb=lezqk4s7b999

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IU7gZ7o6RDdDE6U4Y1YJJWnN/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cHin4DlZnyt5PdPFGBM3KA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LdNCbUUAAAAACehnS4dFR4JeqUuXakMcTnUIeBB&co=aHR0cHM6Ly9mcmVlZXRoZXJldW0uY29tOjQ0Mw..&hl=en&v=IU7gZ7o6RDdDE6U4Y1YJJWnN&size=invisible&cb=lezqk4s7b999
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://freeethereum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://freeethereum.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 05 Aug 2020 02:01:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-cHin4DlZnyt5PdPFGBM3KA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9556
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.cryptoimgs.com
URL: https://www.cryptoimgs.com/img/freeethereum/logo-main.png?v=1.5

Domain: www.cryptoimgs.com
URL: https://www.cryptoimgs.com/img/freeethereum/home-bottom-banner.jpg

Domain: www.cryptoimgs.com
URL: https://www.cryptoimgs.com/img/freenem/partner-logo.png?v=1.22

Domain: www.cryptoimgs.com
URL: https://www.cryptoimgs.com/img/freecardano/partner-logo.png?v=1.22

Domain: www.cryptoimgs.com
URL: https://www.cryptoimgs.com/img/coinfaucet/partner-logo.png?v=1.22

Domain: www.cryptoimgs.com
URL: https://www.cryptoimgs.com/img/freebitcoin/partner-logo.png?v=1.22

Domain: www.cryptoimgs.com
URL: https://www.cryptoimgs.com/img/freesteam/partner-logo.png?v=1.22

Domain: www.cryptoimgs.com
URL: https://www.cryptoimgs.com/img/freetether/partner-logo.png?v=1.22

Domain: www.cryptoimgs.com
URL: https://www.cryptoimgs.com/img/freeusdcoin/partner-logo.png?v=1.22

Domain: www.cryptoimgs.com
URL: https://www.cryptoimgs.com/img/freebinancecoin/partner-logo.png?v=1.22

Domain: www.cryptoimgs.com
URL: https://www.cryptoimgs.com/img/freetron/partner-logo.png?v=1.22

Domain: www.cryptoimgs.com
URL: https://www.cryptoimgs.com/js/app.js?v=1.39

Domain: www.cryptoimgs.com
URL: https://www.cryptoimgs.com/img/freeethereum/sprites.png

Domain: www.cryptoimgs.com
URL: https://www.cryptoimgs.com/img/freeethereum/home-main-banner.jpg

Domain: www.cryptoimgs.com
URL: https://www.cryptoimgs.com/img/freeethereum/sprites.png?v=1.4

Domain: www.cryptoimgs.com
URL: https://www.cryptoimgs.com/img/freeethereum/sprites.png?v=1.3

Domain: udata.mixmarket.biz
URL: https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/f/r/freeethereum.com.969823.js(Line 9) Message: [object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.a-ads.com
ad.bitmedia.io
ams.creativecdn.com
c.mgid.com
cdn.mgid.com
cdn.taboola.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freeethereum.com
i.imgur.com
jsc.mgid.com
match.adsrvr.org
pkhhyool.com
px.adhigh.net
rtb-usw.mfadsrvr.com
s-img.mgid.com
secure-assets.rubiconproject.com
servicer.mgid.com
udata.mixmarket.biz
www.cryptoimgs.com
www.google.com
www.gstatic.com
www.recaptcha.net
x.bidswitch.net
udata.mixmarket.biz
www.cryptoimgs.com
104.111.230.142
104.16.199.73
104.19.135.78
109.206.162.83
136.243.56.16
148.251.13.139
151.101.113.44
151.101.12.193
18.194.69.213
18.195.171.24
185.184.8.30
216.58.210.2
23.105.245.4
2606:4700:20::ac43:4a9e
2606:4700:3032::ac43:d3e1
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:817::2003
2a00:1450:4001:817::2004
2a00:1450:4001:818::2003
35.212.212.222
99.80.249.40
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
210e8c57220cc2bdc452bbae6cf87d8eb9b6a539b7b6799c812cba32a63803bb
2721375e510d9968223949e107f53b2d8a230e70303cbe939d25315d6751e192
2d0187880dfc6f9a491684bf8f988e8d7e3904dc6ee6272c1e10836dceeb5441
422dd65bdb9fec3f67bcf9274bd99e6bcddea0d84ec870402a49bac4091c690d
4ddb8e1ae52bfc17a11c345ab2b1c51fcb7ab9fcb28a9fd7f8eab9dad9a2a42f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
68aee398105a3468e636a73de710bd722672f47b37b3d1e660e3a99120974882
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
73cf9bd74a1fc7f95aeb49dc1544633b823d91f018f5fa182fbf7cc0a3499d51
7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6
88edeb0da79da2ee0a1c7a42eaa5ea314965319d967c439b3e9c4eda2b1c010b
8ab45cbbae433c652f495d697ea596e94e5972e500f2d757a25b570c825a591c
8afcbbb162052120275d230259ff330a75fc8c0bbe09070ed2ed021b433ec0ce
8efa9f5f991ea185c87e822128ce5fe7177c8c14137c27d63f5b99a3188c5884
9ab6cb4eb776f9efe7313cc580c802a49ebf65a4e689867f25d6c3250298435b
9f299bfd239174988432232c1b6882d366ad26e3b59eee064c2a42af56b1d8c6
a1bef92308d8597f102168fbec9d8cae0376ec897663270f14b49d71842917e0
a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
a90895053ae32ff570a35aba7b59d73ba91fa9349fdc2481c49029b1749a49c7
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
ae52ae228197923eb20efed582cbd3383d6df4a6767187f757cac2dd18aecd1c
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc
b49b397871dff384aab300554a8f1745d86e020edd55dea9f1ad58209a1b7563
b58d5490059a38ce2030dda0ee7328a793fcb05a163ceeea5b38ae4b8504b15b
b75e93bbbc583b1f6852d60391bc69d82c2637940af8adc47a519fd8897d1584
c0c07d5e1cc6e9994f621fb965165bc0106d1a26a04e70bd13c0778af0b93e37
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

freeethereum.com Open in urlscan Pro 2606:4700:3032::ac43:d3e1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

73 %HTTPS

32 %IPv6

23 Domains

31 Subdomains

17 IPs

6 Countries

549 kBTransfer

1277 kBSize

0 Cookies

18 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

freeethereum.com Open in urlscan Pro
2606:4700:3032::ac43:d3e1 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

73 %
HTTPS

32 %
IPv6

23
Domains

31
Subdomains

17
IPs

6
Countries

549 kB
Transfer

1277 kB
Size

0
Cookies

62 HTTP transactions
1 data transactions