urlscan.io logo urlscan.io
SecurityTrails logo

sid.freemodsapp.xyz Open in urlscan Pro
2606:4700:3031::ac43:c478  Public Scan

Go To Rescan Add Verdict Report
URL: https://sid.freemodsapp.xyz/
Submission: On September 07 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 1 countries across 11 domains to perform 42 HTTP transactions. The main IP is 2606:4700:3031::ac43:c478, located in United States and belongs to CLOUDFLARENET, US. The main domain is sid.freemodsapp.xyz.
TLS certificate: Issued by E1 on August 28th 2023. Valid for: 3 months.
This is the only time sid.freemodsapp.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 2606:4700:303... 13335 (CLOUDFLAR...)
6 2607:f8b0:400... 15169 (GOOGLE)
1 34.102.146.192 396982 (GOOGLE-CL...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
4 2607:f8b0:400... 15169 (GOOGLE)
3 35.244.159.8 15169 (GOOGLE)
3 52.116.53.150 36351 (SOFTLAYER)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2600:1f18:4e9... 14618 (AMAZON-AES)
1 2 52.46.130.91 16509 (AMAZON-02)
2 2 15.197.193.217 16509 (AMAZON-02)
1 2 172.253.63.154 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
42 15
9    2606:4700:3031::ac43:c478 (United States)

ASN13335 (CLOUDFLARENET, US)
sid.freemodsapp.xyz
6    2607:f8b0:4004:c17::9d (Washington, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
3    2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)
e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
4    2607:f8b0:4004:c1d::9b (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
3    52.116.53.150 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 96.35.7434.ip4.static.sl-reverse.com
8proof.com
4    2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2600:1f18:4e9:5a05:2218:9c0:7c54:ea30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
2    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net
cm.g.doubleclick.net
1    2607:f8b0:4004:c06::6a (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
Apex Domain
Subdomains		 Transfer
11 googlesyndication.com
e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
55 KB
9 freemodsapp.xyz
sid.freemodsapp.xyz
62 KB
8 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
cm.g.doubleclick.net — Cisco Umbrella Rank: 259
201 KB
5 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1391
google-bidout-d.openx.net — Cisco Umbrella Rank: 1399
us-u.openx.net — Cisco Umbrella Rank: 518
2 KB
3 8proof.com
8proof.com — Cisco Umbrella Rank: 37608
cdn.8proof.com Failed
5 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 379
721 B
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 335
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58
1 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 490
603 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1537
8 KB
42 11
Domain Requested by
9 sid.freemodsapp.xyz 1 redirects sid.freemodsapp.xyz
6 securepubads.g.doubleclick.net sid.freemodsapp.xyz
securepubads.g.doubleclick.net
e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com
4 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 8proof.com e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com
sid.freemodsapp.xyz
3 e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 cm.g.doubleclick.net 1 redirects google-bidout-d.openx.net
2 us-u.openx.net google-bidout-d.openx.net
2 match.adsrvr.org 2 redirects
2 s.amazon-adsystem.com 1 redirects google-bidout-d.openx.net
2 oajs.openx.net 1 redirects
1 fonts.googleapis.com e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 pr-bh.ybp.yahoo.com google-bidout-d.openx.net
1 google-bidout-d.openx.net oa.openxcdn.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
0 cdn.8proof.com Failed 8proof.com
42 17

This site contains links to these domains. Also see Links.

Domain
creativethemes.com
Subject Issuer Validity Valid
freemodsapp.xyz
E1		 2023-08-28 -
2023-11-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.8proof.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-29 -
2024-02-07		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://sid.freemodsapp.xyz/
Frame ID: 4ACF92C78FEA3C8ED7ECBE762FD07E09
Requests: 16 HTTP requests in this frame

Frame: https://sid.freemodsapp.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
Frame ID: 378134CBA3DE283D9CE4D9F96D6A11D7
Requests: 2 HTTP requests in this frame

Frame: https://e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2AFC4E8B59B84DADDFA767353599EB7A
Requests: 1 HTTP requests in this frame

Frame: https://e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2D7BE462A0A2E00332123874FD8E9120
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 849823344D27C048C99F36128D06AF78
Requests: 6 HTTP requests in this frame

Frame: https://8proof.com/app/rtbmarkup/5111?id=602121727573&ctd=110055&crid=1195&ap=ZPoKNgAJzlUIaBZDAA5_hyWjTE_5FYxaRAdoDA
Frame ID: 8531351FBA105FE011707C2D19BCED09
Requests: 3 HTTP requests in this frame

Frame: https://e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 97034C267A30C8082D8342286A4AC23E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A97140C9D5B2220013BC625B9FECCE90
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9DFCA4884DCC3B4F06DE1F231D21B39C
Requests: 2 HTTP requests in this frame

Frame: https://8proof.com/app/rtbmarkup/5111?id=602121728739&ctd=110048&crid=1180&ap=ZPoKNgAMa-AIaBSwAA8lthSpbDYJdjJ6UrQ-kw
Frame ID: 2DA67FD9E09F988DC11535A7D2BE1F96
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

My Blog – My WordPress Blog

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Page Statistics

42
Requests

79 %
HTTPS

53 %
IPv6

11
Domains

17
Subdomains

15
IPs

1
Countries

335 kB
Transfer

1101 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://sid.freemodsapp.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://sid.freemodsapp.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
Request Chain 14
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fsid.freemodsapp.xyz%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fsid.freemodsapp.xyz%2F&rid=esp&cc=1
Request Chain 23
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=c5294268-9b3a-c58c-03b4-75fa0895cd5a HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=c5294268-9b3a-c58c-03b4-75fa0895cd5a&dcc=t
Request Chain 24
  • https://match.adsrvr.org/track/cmf/openx?oxid=9dff3e15-8790-7e76-c3ba-f76d60a606ba&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=9dff3e15-8790-7e76-c3ba-f76d60a606ba&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f7fa9e1c-830a-48bc-8256-d953898d5293&ttd_puid=9dff3e15-8790-7e76-c3ba-f76d60a606ba&gdpr=0&gdpr_consent=
Request Chain 26
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOW_qBJFxxSKSltdkcxi2-8&google_cver=1

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sid.freemodsapp.xyz/ 		52 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sid.freemodsapp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c478 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e2e92123f47bd9b070df8ce58db22eb6ca89aa66b8e8c1d4225d085d7427402b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8030b766aed06dbb-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 17:36:53 GMT
link
<https://sid.freemodsapp.xyz/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mxrd5QHKEYgyBbmPLeRp6SxNB35%2BYsFPkUt5IB%2FymDPLBO9cBPZBsANDnfbLAXtCbt%2BodNq8no1KcgYozs2TKlYoC4uhoRzaFR9aAivPKO%2FAuOvdFxZMw%2BpSeboVUZn5RjB%2BbjQx%2B6o7MOlwBzi7ytvI"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
x-turbo-charged-by
LiteSpeed
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: sid.freemodsapp.xyz
URL: https://sid.freemodsapp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25ca405ac4c391a1e993b37b9342c08dbe36d2a9af8d6f7c433c0b9aebbf159d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sid.freemodsapp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:36:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29103
x-xss-protection
0
server
cafe
etag
601 / 19607 / m202308310101 / config-hash: 6414607385770146083
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:36:53 GMT
global.css
sid.freemodsapp.xyz/wp-content/uploads/blocksy/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sid.freemodsapp.xyz/wp-content/uploads/blocksy/css/global.css?ver=06157
Requested by
Host: sid.freemodsapp.xyz
URL: https://sid.freemodsapp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c478 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d71c669d67470ba24ccfa7523655975ff4609ac0100044e2f51fc1fe8d14495

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sid.freemodsapp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:36:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Sep 2023 17:02:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UxRgf8pCwWrN5vwf3DWwDiepnCdIGI0yrS%2B1s5jE8ImkCRWx5Nl0iEcb%2FsGTb83jETC4kEO%2BimV0rN%2F4K0f68J4Md5UoK0o5k4JuEGavOm%2BKLjVB6l%2BvCOutEWsn3sZ9a15Mp5xr%2FsOHZ6TVPNzoF7S"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8030b76e480c6dbb-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 14 Sep 2023 17:36:53 GMT
style.min.css
sid.freemodsapp.xyz/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sid.freemodsapp.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1
Requested by
Host: sid.freemodsapp.xyz
URL: https://sid.freemodsapp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c478 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sid.freemodsapp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:36:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 19 Jul 2023 14:43:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MADJ2SwvbSI1BEmkCRYGn%2F1yKZxrXZ5gXb0p8OivlpnRYb6K%2F3Av702OwfqXQ4BBOBS3AEnJH6OM91DMw0W80Uh%2B3I3tYG5rd2SmYkC%2BcHJnBNPI%2BHE0W2neB4M7qfW%2Bsdaxl1fk6xbLNRnvwb9WdKy3"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8030b76e480f6dbb-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 14 Sep 2023 17:36:53 GMT
main.min.css
sid.freemodsapp.xyz/wp-content/themes/blocksy/static/bundle/ 		94 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sid.freemodsapp.xyz/wp-content/themes/blocksy/static/bundle/main.min.css?ver=1.9.4
Requested by
Host: sid.freemodsapp.xyz
URL: https://sid.freemodsapp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c478 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43d9cb6826f527090cb8ed3aed8dd3ffcf8d1c46bc34839128e916015dd4bc60

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sid.freemodsapp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:36:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Sep 2023 16:56:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3q8a6x4BJg0X4PGgFXWmgE4T0S6mt1lDbJ%2BnK9FZUbHGZvEgmB4%2FsNImq1QuyMN%2FCm8KF3TgVRjSm9Y5lpcU6fwDcIIDbGnGAyrvgvpAggG32qM1mQyA9FrxeJzplgPrlqpq42vykOPXBF09%2Fi%2FO4OA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8030b76e48116dbb-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 14 Sep 2023 17:36:53 GMT
main.js
sid.freemodsapp.xyz/wp-content/themes/blocksy/static/bundle/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sid.freemodsapp.xyz/wp-content/themes/blocksy/static/bundle/main.js?ver=1.9.4
Requested by
Host: sid.freemodsapp.xyz
URL: https://sid.freemodsapp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c478 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfcadd94b2806f8c5a32a575b48031260a1cce466354d866aa3088362c40cd97

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sid.freemodsapp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:36:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Sep 2023 16:56:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjgxyk98i6mZjapqB7luHvu9AY7F9%2F74MLEHS9tG%2BF9qOYjLetFEuwEz%2FD5ZH3KIS6AN9MDIxt37qFCNpPSaROtrfpVKycO5QC%2BeXreWBsaob5HnW4oSAXffqCyVdiS1mJI1oYGzpqDVJclTomK1f4fo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8030b76e48126dbb-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 14 Sep 2023 17:36:53 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sid.freemodsapp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 11:49:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
20871
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129723
x-xss-protection
0
server
cafe
etag
14901160554504536944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 06 Sep 2024 11:49:02 GMT
142.e0c0e2296e5a94af9d7f.js
sid.freemodsapp.xyz/wp-content/themes/blocksy/static/bundle/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sid.freemodsapp.xyz/wp-content/themes/blocksy/static/bundle/142.e0c0e2296e5a94af9d7f.js
Requested by
Host: sid.freemodsapp.xyz
URL: https://sid.freemodsapp.xyz/wp-content/themes/blocksy/static/bundle/main.js?ver=1.9.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c478 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e0046b99ea390cf12c7a6075ed26b99bcdf483dec6d6b11b94a3cce1394b15

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sid.freemodsapp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:36:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Sep 2023 16:56:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woY3osrQQRh4ntVCUMDwaSxhoMRBM0mQkxsD3KhWfoTlioK8WmXi5EsyGeqd4Xvmj15VThtPbHHsIPxVyD8fA83pZQqDVh7BcgNVMUqxxxBlHmdZ52fgLy0xWx55sYzfIbk%2Fng7OzBqI890L%2FvYw1xTe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8030b771f92867b1-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 14 Sep 2023 17:36:54 GMT
main.js
sid.freemodsapp.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/ Frame 3781
Redirect Chain
  • https://sid.freemodsapp.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://sid.freemodsapp.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sid.freemodsapp.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
Requested by
Host: sid.freemodsapp.xyz
URL: https://sid.freemodsapp.xyz/
Protocol
H3
Server
2606:4700:3031::ac43:c478 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbf2e93dc7f757895a1da9f8dec0e3592ce8a2e929f814341ec2e3bc1d4bff8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:36:54 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l63q3i23SqzOyRmvlrIDHvOW6t1%2BbhvYqbn8bwVlxXpmuFWF0aPhgsnFnPdUAqSJnX06CeZuWcVvkbDN5NYKTU8gkUX1iwyLr9w1O%2BQWWGTC0J9kGZfU1KklAP4OCE3baX1xriNcyyIE2J4rM%2BsmlUG8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8030b774cf9f67b1-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 07 Sep 2023 17:36:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRGSQQVKETv0oNf9Wkje5wMjXgp8kW8szSa1TkCUJBkqdLljO4bgtKKdx5XA49rqFG7fMfxrXF907Z9MNCXrOtiy22ym4XSCgbyTigN1Yr56E67o9%2FasUYmhcROUW8AuF4AcAm0D778fxRcOiiMnnq5L"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
8030b772195f67b1-MIA
alt-svc
h3=":443"; ma=86400
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sid.freemodsapp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 17:29:23 GMT
content-encoding
gzip
age
950851
x-guploader-uploadid
ADPycduf1DuvHobmt_YKn15GtH_bYBdHBlHLKhrGrSIdvV8mEEo6uKuhedHmgT-e_92MF1UIE2i83GPKilSAx82PWOaayuN0nfxQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Mon, 26 Aug 2024 17:29:23 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		62 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2921469600202215&correlator=2253426983779988&eid=31077618%2C31077648%2C31077650&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=22868965574%2CFreeMod%2CIntersialAd&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1694108214570&lmt=1694144214&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsid.freemodsapp.xyz%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=317083994.1694108215&ga_sid=1694108215&ga_hid=917835114&ga_fc=false&a3p=EhQKBW9wZW54GKfK34WnMUgAUgIIZA..&dlt=1694108213469&idt=1063&adks=1179202603&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f24fe87fdefa0262c8c4a085fd060be49f77ba0a54c438fbae0df44ad6a77bdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sid.freemodsapp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:36:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18317
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sid.freemodsapp.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2921469600202215&correlator=2253426983779988&eid=31077618%2C31077648%2C31077650&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=22868965574%2CFreeMod%2CSticky&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x50&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1694108214579&lmt=1694144214&adxs=650&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsid.freemodsapp.xyz%2F&vis=1&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&ga_vid=317083994.1694108215&ga_sid=1694108215&ga_hid=917835114&ga_fc=false&a3p=EhQKBW9wZW54GKfK34WnMUgAUgIIZA..&dlt=1694108213469&idt=1063&adks=1198275091&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a618efcbe15869a55c778793fc350c448e4e5c5c24878b6e059252e05c038e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sid.freemodsapp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:36:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13410
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sid.freemodsapp.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2AFC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sid.freemodsapp.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:36:54 GMT
expires
Fri, 06 Sep 2024 17:36:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b19226cc2de5fc76b98a1e3b1c72f90f202f999b7bb6233d179d0425b41af37d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sid.freemodsapp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
20084
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13570
x-xss-protection
0
server
cafe
etag
8322348364393239614
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 06 Sep 2024 12:02:10 GMT
8030b766aed06dbb
sid.freemodsapp.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3781 		0
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sid.freemodsapp.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/8030b766aed06dbb
Requested by
Host: sid.freemodsapp.xyz
URL: https://sid.freemodsapp.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c478 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 07 Sep 2023 17:36:55 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKk4WgVMZ%2F2thonTbaorsmna2%2BccDX3Y7kLHKg0bMesANvaPgWa2poo9zWbzS43n44qFw9qiI%2BeKuTISJX0mxNnhEqt7X%2B4DwbvhuZFtH6tKycx5u00v0n%2Bf8%2FBQlocQ1KbhqWpvGJ%2Fx85L5MfbD%2BfN4"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8030b775e9f067b1-MIA
alt-svc
h3=":443"; ma=86400
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fsid.freemodsapp.xyz%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fsid.freemodsapp.xyz%2F&rid=esp&cc=1
85 B
204 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fsid.freemodsapp.xyz%2F&rid=esp&cc=1
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
8b9572da0a42c36e3cb9b0c19062018a471ca0979bb803fb515435f3dfb8be10

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sid.freemodsapp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:36:54 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-wOEqA+URJCEYsh7of/rPTG/WD74"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sid.freemodsapp.xyz
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 07 Sep 2023 17:36:54 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://sid.freemodsapp.xyz
location
/esp?url=https%3A%2F%2Fsid.freemodsapp.xyz%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308310101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c4737cef2b32f3af50ae140dae0ed08c7cae552292afbddafc44009222c0fcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sid.freemodsapp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:36:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11800
x-xss-protection
0
container.html
e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2D7B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sid.freemodsapp.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:36:54 GMT
expires
Fri, 06 Sep 2024 17:36:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 8498 		594 B
813 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4589cc816983922c641ce3f4884bdc5c734eab07d079042eec0ecbc525f2f40c

Request headers

Referer
https://sid.freemodsapp.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
386
content-type
text/html
date
Thu, 07 Sep 2023 17:36:55 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
5111
8proof.com/app/rtbmarkup/ Frame 8531 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8proof.com/app/rtbmarkup/5111?id=602121727573&ctd=110055&crid=1195&ap=ZPoKNgAJzlUIaBZDAA5_hyWjTE_5FYxaRAdoDA
Requested by
Host: e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com
URL: https://e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
96.35.7434.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
c6eab62309ea77d43b45ed3ac8e547ab8febe24c63119c0dbecc6639172b2aac

Request headers

Referer
https://e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 07 Sep 2023 17:36:55 GMT
server
nginx
vary
Accept-Encoding
adview
securepubads.g.doubleclick.net/pagead/ Frame 2D7B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ct3lINgr6ZNWcJ8OsoPMPh_-5kAT6j4XmbaCDqMWtDcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTg4MzQ2NDQyNTM1MjIwNjDIAQngAgCoAwHIAwKqBIsCT9DHlzgYKOrVwein63NUVd6gboXbzWDfMM3iGEhyLQdpLPvD73aYjouVyMBq4gsH0g36A-O6mtrZY5uR0qojO_RnmM0Aa1SiBJwaTCMZBhZ0XMGtEzDN-J7QjcOA-CKWcT7sHLPwq-8pptBjemDaqr7lbX2yITmYhlFHAXoFtluVbqMHSHTp-y489-IcJWzlrd-JMW1ePeikR9jsbm8F-P6DgrrTwPXe30qE4PxadG5QmisciZaNkEGEjJ9pmq4BlnlG_BxeO_f7eEQFKDtKPB_dZi-zRtWnh0-0Ie2hSqqUWZtncsOMK4OmEPf1AXoDzgpNq2q64hB8AzoV5Gw1WtngB0Ze1f2ktEY54AQBgAaD6e2Q-97--N4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshcdChsSFHB1Yi04ODM0NjQ0MjUzNTIyMDYwGLPOjgE&sigh=dqhBRLnc26Y&uach_m=[UACH]&cid=CAQSSwBpAlJWEy8KGyrbU6weU1YZ6SvAS14kgBEkUcLUlCOhak_QVxyo6-do5kbwTaDz-5PsMX5IuTKPyQeCXbgfOg9gC1R8A2gfNYdpcxgB&cbvp=2&vis=1
Requested by
Host: e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com
URL: https://e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
win
8proof.com/app/ Frame 2D7B 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8proof.com/app/win?id=602121727573&ap=ZPoKNgAJzlUIaBZDAA5_hyWjTE_5FYxaRAdoDA&t=b&cbvp=2
Requested by
Host: e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com
URL: https://e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
96.35.7434.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:36:55 GMT
content-length
0
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sid.freemodsapp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:36:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Sep 2023 17:36:55 GMT
09385851-173c-ec3f-f26d-e1989ff1cbf3
pr-bh.ybp.yahoo.com/sync/openx/ Frame 8498 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/09385851-173c-ec3f-f26d-e1989ff1cbf3?gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:2218:9c0:7c54:ea30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:36:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 8498
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=c5294268-9b3a-c58c-03b4-75fa0895cd5a
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=c5294268-9b3a-c58c-03b4-75fa0895cd5a&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=c5294268-9b3a-c58c-03b4-75fa0895cd5a&dcc=t
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 17:36:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2XEZMXYP1FTVEJSP2ZQJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 17:36:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9WPDEP0VVT054ZWK5QRE
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=c5294268-9b3a-c58c-03b4-75fa0895cd5a&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8498
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=9dff3e15-8790-7e76-c3ba-f76d60a606ba&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=9dff3e15-8790-7e76-c3ba-f76d60a606ba&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f7fa9e1c-830a-48bc-8256-d953898d5293&ttd_puid=9dff3e15-8790-7e76-c3ba-f76d60a606ba&gdpr=0&gdpr_consent=
43 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f7fa9e1c-830a-48bc-8256-d953898d5293&ttd_puid=9dff3e15-8790-7e76-c3ba-f76d60a606ba&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:36:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f7fa9e1c-830a-48bc-8256-d953898d5293&ttd_puid=9dff3e15-8790-7e76-c3ba-f76d60a606ba&gdpr=0&gdpr_consent=
date
Thu, 07 Sep 2023 17:36:55 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 8498 		170 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjE5MGVkZGYtNGVlNy0yMGQyLWQ2NWEtYWRkNGFhNDRjOGRh
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:36:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8498
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOW_qBJFxxSKSltdkcxi2-8&google_cver=1
43 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOW_qBJFxxSKSltdkcxi2-8&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:36:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:36:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOW_qBJFxxSKSltdkcxi2-8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9703 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sid.freemodsapp.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:36:54 GMT
expires
Fri, 06 Sep 2024 17:36:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A971 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sid.freemodsapp.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
20569
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 11:54:06 GMT
expires
Fri, 06 Sep 2024 11:54:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9DFC 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::6a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01a21cae02c3b1d991c4b49ee7c694f90bc03ad48498685170f1081df47d2c93
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Kp-ZL_GKhXIQy23keXhA7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sid.freemodsapp.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-Kp-ZL_GKhXIQy23keXhA7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:36:55 GMT
expires
Thu, 07 Sep 2023 17:36:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
montserrat-v25-latin-800.woff2
cdn.8proof.com/ads/assets/fonts/ Frame 8531 		0
0
montserrat-v25-latin-600.woff2
cdn.8proof.com/ads/assets/fonts/ Frame 8531 		0
0
css2
fonts.googleapis.com/ Frame 9703 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com
URL: https://e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Sep 2023 17:36:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 16:08:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Sep 2023 17:36:55 GMT
5111
8proof.com/app/rtbmarkup/ Frame 2DA6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8proof.com/app/rtbmarkup/5111?id=602121728739&ctd=110048&crid=1180&ap=ZPoKNgAMa-AIaBSwAA8lthSpbDYJdjJ6UrQ-kw
Requested by
Host: sid.freemodsapp.xyz
URL: https://sid.freemodsapp.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
96.35.7434.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
7cbc50a5c21eb419b55acb296c4ca00e2831e41f9ee26c140c0b4a016653cefa

Request headers

Referer
https://e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 07 Sep 2023 17:36:55 GMT
server
nginx
vary
Accept-Encoding
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 9703 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com
URL: https://e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 11:59:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
20248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8566
x-xss-protection
0
server
cafe
etag
5625731030761120726
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 11:59:27 GMT
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame A971 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:36:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
7
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Sep 2024 17:36:48 GMT
montserrat-v25-latin-800.woff2
cdn.8proof.com/ads/assets/fonts/ Frame 2DA6 		0
0
montserrat-v25-latin-600.woff2
cdn.8proof.com/ads/assets/fonts/ Frame 2DA6 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 9DFC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308310101&jk=2921469600202215&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame A971 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?g2QmpQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:36:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308310101&jk=2921469600202215&bg=!b2ylbCPNAAa6D61Rmg87ADQBe5WfOCHpLt01sSIv3K20kp5cNAfdVsjfJDHi44sL2yd7akbjRviWrVM3CBGl0JHuUJAVAgAAAF9SAAAACWgBBwoAHqiRgC7PAN4mH3D-LDy2iFr6Ctn2C7m8GtVN690225kC3BTlwE9D0jaCoZ_jDL9TKI-7biraG1RiwE-jogO0TRq_AsYof6yp3iWhCDDCrs7F8M1LW2MVUQqio0-W1mCf3AwXOehb6ARdJaMPOg_rTC8TmnNv92rByZt0EKIRJBqO9Gyu1H2ey01w6LkOeneFNvAVnjGVQCUfkyO8ZX2rLFcebJ3YZ--EdtofDRfsrJUXqVyMXQ11J86nIylVG7ZRkHikpoSxU9wjzwLp0RjvF-TSKuIuQds-bbHKuSf_vlf9Tbb1xre30gZ3o1P4WyuRb1pFTnYFOZtU2Yz-X_MfERIBVKpdIIlzUJjxSsc58wpLR-Ybggybt1DCDCTVk61FT1wxksP3cpHVTGVEh09cOEqlW8Q2sYq9Ok21ow0yjCEpFqUl_MjkxcSujI9lGrz55uW5em5nE4nvh-9skZfad2FVANhjmcmHXFs9f1U8QLPs7bZfoIkFgakoYFE9QaQbsHAObtvYUtWtOBUd4OYQ8kKLmO67joECeMSyV-4LNiY7KizhpWikjUUD-ziU_BGUXwrWvQOj6cBiibUgHhk5pnAAhyyqgcFLMIaVyMJVBGYo556NmMDevBmTtnLDsPYNVXbJHia_lGM1mFYSgt7FePpgYf4ZZb18p0cd7GSFv5aP2yLhYrMp6xMqWpyxiUAW-_cEUB2Pgqg6LSXvoj1AoglrDU0MSroTlY5rnDKuoMO95o9dZB47wJxvdwdrplNxOk0jYcbOYY9KEoa6SE5l6LgOK6Fuf8zX-Ac40LPydPHfI245ZJNuLf0zICRQT2tklEh5fk6WuzEm2z6RK4z6V-6fcjaGDBv2f8P8suW2X-R6qtVqnQCvYq91OZddS2tErxtGEZltkjidEWkw7re5AZFE61i0elLAXTX8B44VU3gmFN6v4xzCcAtunhEpWi87TjmI_5aqMyIEVCNl0f4bu88f-EPPjxPLE2ONrIMQfgAOGC38o2MzGZFXAdQPFQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sid.freemodsapp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.8proof.com
URL
https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2
Domain
cdn.8proof.com
URL
https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2
Domain
cdn.8proof.com
URL
https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2
Domain
cdn.8proof.com
URL
https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture object| interstitialSlot object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| ct_localizations object| blocksyJsonP object| ctEvents object| ctFrontend object| blocksyResponsiveMenuCache undefined| google_measure_js_timing object| google_reactive_ads_global_state number| google_unique_id object| gaGlobal object| regeneratorRuntime object| ox_esp object| GoogleGcLKhOms object| google_image_requests

13 Cookies

Domain/Path Name / Value
.openx.net/ Name: i
Value: 4e53014c-2e17-4181-996c-3f8504813547|1694108214
.doubleclick.net/ Name: IDE
Value: AHWqTUn_SVYnpu7DtjTVSOiADOBtZsTfMU31kmcpKuTLlHVy_X5aOlgWogPUNFV9UqY
.freemodsapp.xyz/ Name: cf_clearance
Value: mjnSCk4sNWQub9cem_8DNgwtDVaBLNw8y3YklsDYDHU-1694108214-0-1-f5110ce4.bc9cf866.9dabf16c-0.2.1694108214
.openx.net/ Name: pd
Value: v2|1694108214|vMgavPkWgy
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.freemodsapp.xyz/ Name: __gads
Value: ID=be06425a774d35ff:T=1694108214:RT=1694108214:S=ALNI_Mbm7XNlT9CZsr_8rHOsuOFqgf_55w
.freemodsapp.xyz/ Name: __gpi
Value: UID=00000d90c17fc9b8:T=1694108214:RT=1694108214:S=ALNI_Maxu60k6SltURx9sbV-OzflNpyBvA
.adsrvr.org/ Name: TDID
Value: f7fa9e1c-830a-48bc-8256-d953898d5293
.yahoo.com/ Name: A3
Value: d=AQABBDcK-mQCELe0BOc-N7wAdm5M_Dn_z-MFEgEBAQFb-2QDZQAAAAAA_eMAAA&S=AQAAAokVY5fGOZ5Le2RGD4h-s9E
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjU07ap-PSXPBAFOAE.
.openx.net/ Name: univ_id
Value: 537072971|f7fa9e1c-830a-48bc-8256-d953898d5293|1694108215299056
.amazon-adsystem.com/ Name: ad-id
Value: A-wBYvMofEmRjfaUXHZ21eU
.amazon-adsystem.com/ Name: ad-privacy
Value: 0

8 Console Messages

Source Level URL
Text
javascript error URL: https://8proof.com/app/rtbmarkup/5111?id=602121727573&ctd=110055&crid=1195&ap=ZPoKNgAJzlUIaBZDAA5_hyWjTE_5FYxaRAdoDA
Message:
Access to font at 'https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2' from origin 'https://8proof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://8proof.com/app/rtbmarkup/5111?id=602121727573&ctd=110055&crid=1195&ap=ZPoKNgAJzlUIaBZDAA5_hyWjTE_5FYxaRAdoDA
Message:
Access to font at 'https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2' from origin 'https://8proof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://8proof.com/app/rtbmarkup/5111?id=602121728739&ctd=110048&crid=1180&ap=ZPoKNgAMa-AIaBSwAA8lthSpbDYJdjJ6UrQ-kw
Message:
Access to font at 'https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2' from origin 'https://8proof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://8proof.com/app/rtbmarkup/5111?id=602121728739&ctd=110048&crid=1180&ap=ZPoKNgAMa-AIaBSwAA8lthSpbDYJdjJ6UrQ-kw
Message:
Access to font at 'https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2' from origin 'https://8proof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8proof.com
cdn.8proof.com
cm.g.doubleclick.net
e272c998be08bbea52de3f883f438e19.safeframe.googlesyndication.com
fonts.googleapis.com
google-bidout-d.openx.net
match.adsrvr.org
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
sid.freemodsapp.xyz
tpc.googlesyndication.com
us-u.openx.net
www.google.com
cdn.8proof.com
15.197.193.217
172.253.63.154
2600:1f18:4e9:5a05:2218:9c0:7c54:ea30
2606:4700:3031::ac43:c478
2607:f8b0:4004:c06::6a
2607:f8b0:4004:c07::84
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c17::84
2607:f8b0:4004:c17::9d
2607:f8b0:4004:c1d::9b
34.102.146.192
34.120.135.53
35.244.159.8
52.116.53.150
52.46.130.91
01a21cae02c3b1d991c4b49ee7c694f90bc03ad48498685170f1081df47d2c93
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
25ca405ac4c391a1e993b37b9342c08dbe36d2a9af8d6f7c433c0b9aebbf159d
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
43d9cb6826f527090cb8ed3aed8dd3ffcf8d1c46bc34839128e916015dd4bc60
4589cc816983922c641ce3f4884bdc5c734eab07d079042eec0ecbc525f2f40c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d71c669d67470ba24ccfa7523655975ff4609ac0100044e2f51fc1fe8d14495
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6c4737cef2b32f3af50ae140dae0ed08c7cae552292afbddafc44009222c0fcf
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
7cbc50a5c21eb419b55acb296c4ca00e2831e41f9ee26c140c0b4a016653cefa
8b9572da0a42c36e3cb9b0c19062018a471ca0979bb803fb515435f3dfb8be10
9a618efcbe15869a55c778793fc350c448e4e5c5c24878b6e059252e05c038e3
b19226cc2de5fc76b98a1e3b1c72f90f202f999b7bb6233d179d0425b41af37d
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
bfcadd94b2806f8c5a32a575b48031260a1cce466354d866aa3088362c40cd97
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c6eab62309ea77d43b45ed3ac8e547ab8febe24c63119c0dbecc6639172b2aac
e2e92123f47bd9b070df8ce58db22eb6ca89aa66b8e8c1d4225d085d7427402b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f24fe87fdefa0262c8c4a085fd060be49f77ba0a54c438fbae0df44ad6a77bdf
f6e0046b99ea390cf12c7a6075ed26b99bcdf483dec6d6b11b94a3cce1394b15
fbf2e93dc7f757895a1da9f8dec0e3592ce8a2e929f814341ec2e3bc1d4bff8c