www.freedidi.com Open in urlscan Pro
2606:4700:20::ac43:4be2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.ahwei.link/
Effective URL:
https://www.freedidi.com/9982.html
Submission: On October 30 via api (October 30th 2023, 4:40:37 am UTC) from US — Scanned from US

Summary HTTP 155 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 28 domains to perform 155 HTTP transactions. The main IP is 2606:4700:20::ac43:4be2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.freedidi.com.
TLS certificate: Issued by GTS CA 1P5 on September 27th 2023. Valid for: 3 months.

This is the only time www.freedidi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.8.134.32 52.8.134.32	16509 (AMAZON-02) (AMAZON-02)
1 41	2606:4700:20:... 2606:4700:20::ac43:4be2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 13	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:46::40 2620:1ec:46::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
17	2607:f8b0:400... 2607:f8b0:4006:81e::2001	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
2 5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
14	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
4	68.67.160.137 68.67.160.137	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
1 4	2607:f8b0:400... 2607:f8b0:4006:821::2004	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 14	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
2 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
2 2	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
2 2	51.222.239.232 51.222.239.232	16276 (OVH) (OVH)
2 2	35.207.24.140 35.207.24.140	15169 (GOOGLE) (GOOGLE)
2 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
7	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
1	2620:100:a001::9 2620:100:a001::9	19750 (AS-CRITEO) (AS-CRITEO)
1	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
1	2620:116:800b... 2620:116:800b:21:1456:d0e1:7db4:a56b	14618 (AMAZON-AES) (AMAZON-AES)
1 1	38.98.69.175 38.98.69.175	174 (COGENT-174) (COGENT-174)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	20.253.86.149 20.253.86.149	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	54.209.223.112 54.209.223.112	14618 (AMAZON-AES) (AMAZON-AES)
1 2	69.192.109.215 69.192.109.215	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
155	28

1 52.8.134.32 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-134-32.us-west-1.compute.amazonaws.com

www.ahwei.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2606:4700:20::ac43:4be2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.freedidi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:81f::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2002 (United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:81e::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.137 (Fairfield, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

nym1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81f::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:821::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.80.98 (Plainview, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.49 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.222.239.232 (Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: ip232.ip-51-222-239.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.207.24.140 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Ulyanovsk, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::9 (United States)

ASN19750 (AS-CRITEO, US)

imageproxy.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:1456:d0e1:7db4:a56b (United States)

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.98.69.175 (North Bergen, United States) 1 redirects

ASN174 (COGENT-174, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.253.86.149 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.209.223.112 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-223-112.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.109.215 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-109-215.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.130 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	freedidi.com 1 redirects www.freedidi.com	661 KB
33	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	410 KB
27	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	145 KB
18	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359 www.google.com — Cisco Umbrella Rank: 2	64 KB
9	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.us.criteo.net — Cisco Umbrella Rank: 2999 csm.us.criteo.net — Cisco Umbrella Rank: 2920	21 KB
6	gstatic.com www.gstatic.com	40 KB
5	bing.com 2 redirects www.bing.com — Cisco Umbrella Rank: 66	13 KB
5	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 1682 nym1-ib.adnxs.com — Cisco Umbrella Rank: 1143	30 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	238 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 5085	1 KB
3	criteo.com ads.us.criteo.com — Cisco Umbrella Rank: 2842 rtb.va.us.criteo.com — Cisco Umbrella Rank: 6312 cat.va.us.criteo.com — Cisco Umbrella Rank: 3136	40 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181 www.googleadservices.com — Cisco Umbrella Rank: 145	603 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	605 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 353	876 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1131	1 KB
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 746	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 351	2 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	1 KB
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1484	642 B
1	inmobi.com 1 redirects mweb.ck.inmobi.com — Cisco Umbrella Rank: 2875	463 B
1	mxptint.net 1 redirects aep.mxptint.net — Cisco Umbrella Rank: 5755	731 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	464 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377	640 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4948	36 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	7 KB
1	ahwei.link 1 redirects www.ahwei.link	281 B
155	28

	Domain	Requested by
41	www.freedidi.com	1 redirects www.freedidi.com static.cloudflareinsights.com
17	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	pagead2.googlesyndication.com	www.freedidi.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
14	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net www.freedidi.com
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com www.freedidi.com
13	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
7	static.criteo.net	ads.us.criteo.com
6	www.gstatic.com	googleads.g.doubleclick.net
5	www.bing.com	2 redirects googleads.g.doubleclick.net www.freedidi.com
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	nym1-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	an.yandex.ru	2 redirects
2	www.googleadservices.com	www.freedidi.com
2	sync.teads.tv	1 redirects
2	match.adsrvr.org	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	onetag-sys.com	2 redirects
2	c1.adform.net	2 redirects
2	x.bidswitch.net	2 redirects
1	beacon.lynx.cognitivlabs.com	1 redirects
1	mweb.ck.inmobi.com	1 redirects
1	aep.mxptint.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	csm.us.criteo.net	ads.us.criteo.com
1	imageproxy.us.criteo.net	ads.us.criteo.com
1	cat.va.us.criteo.com	ads.us.criteo.com
1	rtb.va.us.criteo.com	googleads.g.doubleclick.net
1	px.ads.linkedin.com	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	ads.us.criteo.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	cdn.adnxs.com	googleads.g.doubleclick.net
1	adsdk.microsoft.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.cloudflareinsights.com	www.freedidi.com
1	www.ahwei.link	1 redirects
155	38

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
space.bilibili.com
www.dynadot.com
vercel.com
www.vultr.com
twitter.com
www.facebook.com
pinterest.com
www.linkedin.com
bittly.cc
go.expressvpn.com

Subject Issuer	Validity	Valid
freedidi.com GTS CA 1P5	`2023-09-27` - `2023-12-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-01` - `2023-12-02`	3 months	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2023-12-17`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-16` - `2024-01-18`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://www.freedidi.com/9982.html
Frame ID: AEC982BD808656B085509946C11B5DE6
Requests: 65 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html
Frame ID: 38C6D6864FF53BC93C656A10C8B06ADE
Requests: 1 HTTP requests in this frame

Frame: https://www.freedidi.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
Frame ID: 171B44E443E5305871C7AB431B67C1AB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3907260628152818&output=html&adk=1812271804&adf=3025194257&lmt=1698676241&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640829127&bpp=7&bdt=520&idt=539&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1881258287801&frm=20&pv=2&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=563
Frame ID: 88AB7EC931435F53E0B865D71DB4676B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3907260628152818&output=html&h=590&slotname=8860042738&adk=3730733119&adf=140651668&pi=t.ma~as.8860042738&w=1180&cr_col=4&cr_row=2&fwrn=2&lmt=1698676241&rafmt=9&format=1180x590&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640829134&bpp=2&bdt=527&idt=562&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=3012&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyenKkdmDh&p=https%3A//www.freedidi.com&dtd=571
Frame ID: 02737C647054C428D30B01463BEF4414
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3907260628152818&output=html&h=600&slotname=8121676132&adk=1871830121&adf=2363148817&pi=t.ma~as.8121676132&w=220&fwrn=4&fwrnh=100&lmt=1698676241&rafmt=1&format=220x600&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640829136&bpp=3&bdt=530&idt=575&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x590&nras=1&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1340&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=CcuaZm2u3A&p=https%3A//www.freedidi.com&dtd=581
Frame ID: 360BF9CF359E0D28EF86FFE6E9B121D2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3907260628152818&output=html&h=280&slotname=8121676132&adk=2110978461&adf=1795251393&pi=t.ma~as.8121676132&w=1200&fwrn=4&fwrnh=100&lmt=1698676241&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640829139&bpp=1&bdt=533&idt=623&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x590%2C220x600&nras=1&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=3848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=WuTmboHrri&p=https%3A//www.freedidi.com&dtd=627
Frame ID: 9A0A3D7F93987F07A7B711387F646339
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 5232C93B8C9A3AAC67D760461A42A224
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=240&adk=160681226&adf=626423659&pi=t.aa~a.601257254~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698676241&rafmt=1&to=qs&pwprc=3889220726&format=300x240&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640830539&bpp=2&bdt=1933&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3fa451c4fe5cdaf%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_Ma_akyAxRRC9UvrsKGpW1OGmF6A9Q&gpic=UID%3D00000d9d9821ad12%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_MaPTj_E25uDkk2ACeGpVkCgNw4YWg&prev_fmts=0x0%2C1180x590%2C220x600%2C1200x280&nras=2&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=8fCMXJKRJe&p=https%3A//www.freedidi.com&dtd=104
Frame ID: 50471A658AE04A3DB991C3E7735F6B79
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=90&adk=3921313794&adf=1937372392&pi=t.aa~a.2849377179~rp.4&w=1180&fwrn=1&fwrnh=100&lmt=1698676241&rafmt=1&to=qs&pwprc=3889220726&format=1180x90&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640830539&bpp=1&bdt=1933&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3fa451c4fe5cdaf%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_Ma_akyAxRRC9UvrsKGpW1OGmF6A9Q&gpic=UID%3D00000d9d9821ad12%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_MaPTj_E25uDkk2ACeGpVkCgNw4YWg&prev_fmts=0x0%2C1180x590%2C220x600%2C1200x280%2C300x240&nras=3&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=UDfxRXMur8&p=https%3A//www.freedidi.com&dtd=115
Frame ID: DD84A5258CEB612EE79ACB8BDD86E257
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5F4BE5144D0018064551423A08DCA7D1
Requests: 6 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZT8zvgAKkCgE0aPxAAQRw8Gxy7Dydq7DZRd69Q&u=%7CbSeKvK0WIlefMXJd73DV0dQGo%2Bxzauu3NNNjPRU%2Fgds%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989qYxMuTT2xEjM0SlPNkBp1w7xRV07GhHiGkG9JeimBj_2CTcNVvPV3crBPwcj_1YryGry7UPVV6bo4pcAtVK6BVzTRjfBml0tb1iVm3q5_zecUJgG5OZ7PkWGLCpkL_OlR0dTUpDHlFfMh8pUcg52mUxQDEPO_Lop_IOUWPi5pHnXKa3vImaouK_yNPjlhPQxZII0xdbkbXzOx4YORSiy8K33JtSGWIL5H073IsWYEar26vYkx0Xj-F8cgKJYiBFMg5LEVPHx7o3Bh2f8Wij6PYCvsA0QkSC9SN7wxKg3WVPnn3W9xLjhL-lY2LEsRXBbvYXMBcsuHAzk8rb2xBFWkSodx5tfmROrcWMLXMr6ERNtbrdxWfnCZW6xMqUqSLRbrqsyXf5nomphvlIMqL--09EPtr1l4G47GXAIyeYs9A9tDgTd_yHV9Q7pL45NgFjmX0bnN1vX0aBrXP7Ud7nrU4pKUWEeNYclWt0mlB3keNknHeVerCocHkHyQ8p0_EZJVHxns3OKSc-e7c-wks1pz0sSo65pIMoJYXPYVdlDYUxcTRN9G1Wpmg8TIeK3_RtKw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR4RrvjM_ZaigKvHHxtYPw6OQ4AOcge-wXKqbqap0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMzkwNzI2MDYyODE1MjgxOMgBCagDAcgDAqoE5gFP0IjvRzZ9n8BRsuy-N3uB352EimhjdnFfiTYMSs782Qm0aSv_Rve095Y7wyAZFY3auBm2lh4iekE1c-W9L2OxQD-QcoyFymgsnaVJ52lF67zLPq6-78mZKKGtxxzHVtuQlS0yGxQE_dH6hQv-uS-mVxiBPcQNCy9gvDzT9qmjqI1jdU6n-o6D4rDpwWYn8tEi_Rmn28pZCf-diA-qcIax8gq6kHi_zdVsYCHXXeB_cd_xviiigLTG1EepbzORosPZg-XnS4FQa1eZcHXwQfy-376o-XdTskhrLMAC7jDi8eP-t1rQUoAGpaLYz_-s-ujtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0OjPc-Wau7SAfpYVHEHKWN-LKONw%26client%3Dca-pub-3907260628152818%26adurl%3D
Frame ID: 84D60A710443172B0821F85B77002EDD
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 85DCB7F1910CF8C16904139BA9CE5F5D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: 58928BFDE246D659CBB78FF439778343
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EHo6i7O_0JOvtrr8dxlkDoYuw_rm2628d10tqmkoAl4.js
Frame ID: BDE1A52E1EA58BA70B2188CB6DCA07AE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 02C232458545DB2C782B918623F9649D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 23696FF76006BE0C490F79D98632E459
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EHo6i7O_0JOvtrr8dxlkDoYuw_rm2628d10tqmkoAl4.js
Frame ID: A48E3636A57064F8289BBE8762049ECF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6D776EABC2298412EBB5742CE6C8432D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A105418990338B4F393CA9D321209EA9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

最新可用的【免费域名】注册教程！无需实名验证，不需要信用卡 – 零度解说

Page URL History Show full URLs

https://www.ahwei.link/ HTTP 301
https://www.freedidi.com/9982.html Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

155
Requests

88 %
HTTPS

59 %
IPv6

28
Domains

38
Subdomains

28
IPs

4
Countries

1706 kB
Transfer

4057 kB
Size

33
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UCvijahEyGtvMpmMHBu4FS2w
Title: 油管

Search URL Search Domain Scan URL

URL: https://space.bilibili.com/625267185
Title: B站

Search URL Search Domain Scan URL

URL: https://www.dynadot.com/register-your-free-link-domain
Title: 链接直达

Search URL Search Domain Scan URL

URL: https://vercel.com/new/clone?repository-url=https://github.com/EvanNotFound/vercel-hexo-template/tree/main&template=hexo
Title: 点击打开

Search URL Search Domain Scan URL

URL: https://www.vultr.com/?ref=7045490
Title: 链接直达

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.freedidi.com/9982.html&text=%E6%9C%80%E6%96%B0%E5%8F%AF%E7%94%A8%E7%9A%84%E3%80%90%E5%85%8D%E8%B4%B9%E5%9F%9F%E5%90%8D%E3%80%91%E6%B3%A8%E5%86%8C%E6%95%99%E7%A8%8B%EF%BC%81%E6%97%A0%E9%9C%80%E5%AE%9E%E5%90%8D%E9%AA%8C%E8%AF%81%EF%BC%8C%E4%B8%8D%E9%9C%80%E8%A6%81%E4%BF%A1%E7%94%A8%E5%8D%A1

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.freedidi.com/9982.html

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.freedidi.com/9982.html&media=&description=%E6%9C%80%E6%96%B0%E5%8F%AF%E7%94%A8%E7%9A%84%E3%80%90%E5%85%8D%E8%B4%B9%E5%9F%9F%E5%90%8D%E3%80%91%E6%B3%A8%E5%86%8C%E6%95%99%E7%A8%8B%EF%BC%81%E6%97%A0%E9%9C%80%E5%AE%9E%E5%90%8D%E9%AA%8C%E8%AF%81%EF%BC%8C%E4%B8%8D%E9%9C%80%E8%A6%81%E4%BF%A1%E7%94%A8%E5%8D%A1

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.freedidi.com/9982.html

Search URL Search Domain Scan URL

URL: https://bittly.cc/Surfshark

Search URL Search Domain Scan URL

URL: https://go.expressvpn.com/c/2612933/1645830/16063

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.ahwei.link/ HTTP 301
https://www.freedidi.com/9982.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://www.freedidi.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.freedidi.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js

Request Chain 55

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=77393372-8b51-4770-81ca-21369c66b783&bidId=15000&bidderId=4&cmExpId=V7&oAdUnit=391466&publisherId=162645330&rId=364d434c-9f90-4119-9264-cd0c00e805ad&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D95a8b4effae249a99889246c8873595a%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_pyvpxpbasvezngvba&aid=6110469530564332039 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=95a8b4effae249a99889246c8873595a&SNR=1&GV=2&med=10

Request Chain 87

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBzNwC1spegN1gymD0PMjeQ&google_cver=1&google_push=AXcoOmRGHJnPSRqnqhgYppoFwHRY0qSZIQOD60MsCVodwLO-EP2qEt1Kg--CYiRU6duPKqFMCvsrrSjLMn057dYUUNa6IuGcrArC7Ug&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRGHJnPSRqnqhgYppoFwHRY0qSZIQOD60MsCVodwLO-EP2qEt1Kg--CYiRU6duPKqFMCvsrrSjLMn057dYUUNa6IuGcrArC7Ug%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBzNwC1spegN1gymD0PMjeQ&google_cver=1&google_push=AXcoOmRGHJnPSRqnqhgYppoFwHRY0qSZIQOD60MsCVodwLO-EP2qEt1Kg--CYiRU6duPKqFMCvsrrSjLMn057dYUUNa6IuGcrArC7Ug&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRGHJnPSRqnqhgYppoFwHRY0qSZIQOD60MsCVodwLO-EP2qEt1Kg--CYiRU6duPKqFMCvsrrSjLMn057dYUUNa6IuGcrArC7Ug%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 88

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEDq4h-ktnwRlSlsvZB_rvVw&google_cver=1&google_push=AXcoOmRLm_eRHYl-8YU6-RN4vDy0_YviWiDYqdNKuGX4BGzM3NBwLqNtcpvbP7dseJjdsDWamAGt68ibKDCpS1dxW2WwXEj-n34HwA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRLm_eRHYl-8YU6-RN4vDy0_YviWiDYqdNKuGX4BGzM3NBwLqNtcpvbP7dseJjdsDWamAGt68ibKDCpS1dxW2WwXEj-n34HwA

Request Chain 89

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJ9EHF6BEjmyBY0LNm4MBI8&google_cver=1&google_push=AXcoOmRtmRaRAidqf-XWVFYNiiDUcF-UIf-UseGfLfIiCq38G88g6mCx4jGeD0hAJeA0R4-Xg6vpzxffWdeNmBZLEgFUNQGICU11_Zs HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJ9EHF6BEjmyBY0LNm4MBI8&google_cver=1&google_push=AXcoOmRtmRaRAidqf-XWVFYNiiDUcF-UIf-UseGfLfIiCq38G88g6mCx4jGeD0hAJeA0R4-Xg6vpzxffWdeNmBZLEgFUNQGICU11_Zs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRtmRaRAidqf-XWVFYNiiDUcF-UIf-UseGfLfIiCq38G88g6mCx4jGeD0hAJeA0R4-Xg6vpzxffWdeNmBZLEgFUNQGICU11_Zs&google_hm=ciLQnGYBQMOkQubqS7xceg==

Request Chain 90

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM6QXs6rzBhRz9dAO8A6Pe4&google_cver=1&google_push=AXcoOmRN9huT6BKSh-kig8oz7H98O1Yswbu1M87c_7d_hAwcih7kzH1W-GLYWt1fxUcmVJuQVLrqbl-NYI-3j16AEkkaAB77gfOYhjE HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM6QXs6rzBhRz9dAO8A6Pe4&google_cver=1&google_push=AXcoOmRN9huT6BKSh-kig8oz7H98O1Yswbu1M87c_7d_hAwcih7kzH1W-GLYWt1fxUcmVJuQVLrqbl-NYI-3j16AEkkaAB77gfOYhjE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE1ODY4NTMzNTIxMDE1Mjc1NQ&google_push=AXcoOmRN9huT6BKSh-kig8oz7H98O1Yswbu1M87c_7d_hAwcih7kzH1W-GLYWt1fxUcmVJuQVLrqbl-NYI-3j16AEkkaAB77gfOYhjE

Request Chain 91

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHFZhiqozIzWWs--tIPQBFA&google_cver=1&google_push=AXcoOmQ1cEACcf6cFHYY3xgbOajrilOeJnM4TPjR7oKa_NTmHdJI5BOdzfpzFA1Q67Qijlo-fwzlwd0zLoyclS0gvNJJlFOLWvCQPpk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi37iI-hsH7U_FRjo8B80uG5MW3gf5OxhIg&google_push=AXcoOmQ1cEACcf6cFHYY3xgbOajrilOeJnM4TPjR7oKa_NTmHdJI5BOdzfpzFA1Q67Qijlo-fwzlwd0zLoyclS0gvNJJlFOLWvCQPpk

Request Chain 92

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEL5x5CIdDfu23EuoXlVK2pw&google_cver=1&google_push=AXcoOmR6G91hKrikJDbsR_gFlJr7sJsOPT3BebUv_X2vbQ3iJjO6XToSM8Oe-W46pkxLrntFd8jWf6n8Il8lZczsVAlJYvnaIPXsK7qc HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEL5x5CIdDfu23EuoXlVK2pw&google_cver=1&google_push=AXcoOmR6G91hKrikJDbsR_gFlJr7sJsOPT3BebUv_X2vbQ3iJjO6XToSM8Oe-W46pkxLrntFd8jWf6n8Il8lZczsVAlJYvnaIPXsK7qc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=yCAyL0OcQCK920sMO6NIUA==&no_redirect=1&google_push=AXcoOmR6G91hKrikJDbsR_gFlJr7sJsOPT3BebUv_X2vbQ3iJjO6XToSM8Oe-W46pkxLrntFd8jWf6n8Il8lZczsVAlJYvnaIPXsK7qc

Request Chain 93

https://an.yandex.ru/mapuid/google/CAESEPl2kZukwqV58fisN2Cd8IQ?ext-param=AXcoOmQg8fF0LNxHSUkyWuHvBT0QJ0DVHQ7xLwhEaXHsU3YDXNGWoFHb9pbZYIb0OXBBuuPHGTvy7Ojhz_NchbnU7-kh-d5gcT4IHx8d&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEPl2kZukwqV58fisN2Cd8IQ?redir-setuniq=1&ext-param=AXcoOmQg8fF0LNxHSUkyWuHvBT0QJ0DVHQ7xLwhEaXHsU3YDXNGWoFHb9pbZYIb0OXBBuuPHGTvy7Ojhz_NchbnU7-kh-d5gcT4IHx8d&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEPl2kZukwqV58fisN2Cd8IQ&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 119

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=77393372-8b51-4770-81ca-21369c66b783&bidId=15000&bidderId=4&cmExpId=V7&oAdUnit=391466&publisherId=162645330&rId=364d434c-9f90-4119-9264-cd0c00e805ad&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D95a8b4effae249a99889246c8873595a%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_pyvpxpbasvezngvba&aid=6110469530564332039 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=95a8b4effae249a99889246c8873595a&tids=15000&med=10

Request Chain 124

https://aep.mxptint.net/sn.ashx?google_gid=CAESEEjKOv6C2oRRtGVw8EuUEV0&google_cver=1&google_push=AXcoOmQPJx3RhPctl-2JjUuFgDP7T9I5YD4KlM9MlK_z52nR0ubpwoMVqUUT9-I04j-4DQw3NMmn1swioDbZXsbRaiopERKGbGsHBw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQPJx3RhPctl-2JjUuFgDP7T9I5YD4KlM9MlK_z52nR0ubpwoMVqUUT9-I04j-4DQw3NMmn1swioDbZXsbRaiopERKGbGsHBw&google_hm=UjMzNjQ1XzEwQjU4NEFEOV9DNzUxNTQ1OA%3D%3D

Request Chain 125

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGSjfDhvX-r3L7Tp8Axbxe4&google_cver=1&google_push=AXcoOmRJpbCreZedE2yl3ecJahwArRSHjblLZdc0rVDsJvxVD_I78MJsJeKYiAOd3q-3b8TM9t7B-2bbUgPQnEJHLiJ2tO6M8Bd2YqE HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEGSjfDhvX-r3L7Tp8Axbxe4&google_cver=1&google_push=AXcoOmRJpbCreZedE2yl3ecJahwArRSHjblLZdc0rVDsJvxVD_I78MJsJeKYiAOd3q-3b8TM9t7B-2bbUgPQnEJHLiJ2tO6M8Bd2YqE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDgwMTg0OGQtNjcxYS00M2UzLTk1MWEtYjEzNDdlMjBkZGIy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d801848d-671a-43e3-951a-b1347e20ddb2

Request Chain 126

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESENW8qnT0ma2V0ckMfbrH_ZU&google_cver=1&google_push=AXcoOmRaUbM5LLRK9789FQbk8aLkSadTb6bf347FRg38Iv1sP4b34avveLr8YgatkHLDmnA_UNzaXCKxkIma8Q_7Qd9quc2XZaY6bDA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YjVkZmFiMzgtMDgxMS00NTQ4LWI0ZGItNDk1OTIwNGI0ZWQ4&google_gid=CAESENW8qnT0ma2V0ckMfbrH_ZU&google_cver=1&google_push=AXcoOmRaUbM5LLRK9789FQbk8aLkSadTb6bf347FRg38Iv1sP4b34avveLr8YgatkHLDmnA_UNzaXCKxkIma8Q_7Qd9quc2XZaY6bDA

Request Chain 127

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELE_wM2S6DPSJI38KWv7VFQ&google_cver=1&google_push=AXcoOmR1dENnm0tGy1XmLM_6h4rQeHPRu_jtfOgl1qW07d3zadCKHR3AQs7XAjHKRgNeJ2tyolWf8UZEHYsIAYwcpC4Av8vwRrfXE-A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi37iJf4TwgInJj5f5B52RH_GVGJ4HQJdag&google_push=AXcoOmR1dENnm0tGy1XmLM_6h4rQeHPRu_jtfOgl1qW07d3zadCKHR3AQs7XAjHKRgNeJ2tyolWf8UZEHYsIAYwcpC4Av8vwRrfXE-A

Request Chain 128

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEM53L-zbYSEYFv-fS8dR5OA&google_cver=1&google_push=AXcoOmTYJ6wnY0tju26r9SyDo1c4Xw6CdDEKaOiQAolMTl3_LBTrgaOUWxYNFMad0-1mz8c3sjAVE3yt25aqTmk8vJqaHP9jO3TnfmKb HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=MBLjUHie_Ue0H6K4BdzWsg&google_push=AXcoOmTYJ6wnY0tju26r9SyDo1c4Xw6CdDEKaOiQAolMTl3_LBTrgaOUWxYNFMad0-1mz8c3sjAVE3yt25aqTmk8vJqaHP9jO3TnfmKb

Request Chain 129

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEES68UaCg_y-4668T2-M6Q&google_cver=1&google_push=AXcoOmSDY9DWOptCKwVmPL6CT28TP3I5j7vqSAa8y_5Y2MmWhOjXC-4lMURi8I_vl5YAcaRJrwyRLPXvouasW88dEG332mG4zOahd0w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YTQ3ODFjMmMtZDA1ZC00MjJkLTk1YjEtYTk5ZmExMDkyMzFh&google_push=AXcoOmSDY9DWOptCKwVmPL6CT28TP3I5j7vqSAa8y_5Y2MmWhOjXC-4lMURi8I_vl5YAcaRJrwyRLPXvouasW88dEG332mG4zOahd0w HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 131

https://googleads.g.doubleclick.net/pagead/adview?ai=CWJ6dvjM_ZeTYKt6BvPIPiJmUwAfP35zmc67J94viEdjxy_-kFBABIOHv_nhgye6Oi8CkjBCgAd3d_qAqyAEBqAMByAPDBKoE6gFP0E5agrBYccy50A6BKHbXQzQrtEt39hyjQ2gFfO8K0P_pvu2BjHjehjyhGiDqEydS6dPY6GT9FAx0D5VwGN1ZQGxoZnSwLiCr9n-RcbH3MuN6YWCooabxG90sGxm9zf5nNurzf8enYho7WeI-dD80i-MinJxfQPmxpcasA6ACxnYgm0JgESfrxjhDmMWElS3hS8zyBesfoKI_mEu6D1NNq1wsRoD1lZn0rjEKs1fBuhaZA3p9my5G-T9WuNpBlguDzq1tJLGVaK0qRL9RyOqPG8hOttU4vvr5suYHUw4vlVT_pjyIX47CgqPABLOY0LPUBIgFuti670ySBQQIBBgBkgUECAUYBKAGZoAH3ZXPgAWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxCQNdIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgkTaHR0cHM6Ly94dnh2c2FuLmNvbYAKAcgLAaIMDCoKCgjktLEC7rWxAtoMEAoKEMCnttOfg8L_KBICAQPYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItMzkwNzI2MDYyODE1MjgxOBgA&sigh=QS9YPwkTE3o&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNTr5PT7MExwSAFpNBaSN5Yft5hbpN9HTfTs87j7I7b7iMXzBYoSRQa9jkyzlcRhK7Xzo5qVbBsxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9444ce7b8b8ea4cf0000000000000000%22,%222%22:%220x101a0ca59ea9e0f90000000000000000%22,%223%22:%220xd305ce15dfaff7d20000000000000000%22,%224%22:%220x6fefab11c17100a90000000000000000%22,%225%22:%220x4bc2c014231acfdc0000000000000000%22},%22debug_key%22:%227824100457745787964%22,%22debug_reporting%22:true,%22destination%22:%22https://xvxvsan.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211343474397%22],%224%22:[%2210-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210337435186575109553%22}&andc=true

Request Chain 132

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

155 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 9982.html Show response
www.freedidi.com/
Redirect Chain

https://www.ahwei.link/
https://www.freedidi.com/9982.html

132 KB
40 KB

466ms
156ms

Document
text/html

2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/9982.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8d220e05d808490f633f7e817447e688d92f0b26ed225e0ef4531c19c24281c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=2678400, must-revalidate
cf-apo-via: origin,miss
cf-cache-status: EXPIRED
cf-ray: 81e0faf9db634bcf-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 30 Oct 2023 04:40:28 GMT
last-modified: Mon, 30 Oct 2023 04:30:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jeppAGqzI6bqN9n3uvyBtL9oUwWJVV7hmq%2BmFkSDtlhURYO1ULBM4MVR3aTI6JE57w43vikLPp9MOULCbH7Xm8oxyMuQj5OMd9r8SO0lYgtE6HQBcQRmW9Hk3WkqiuzwaQN5kWWiwACYXpma2dE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Cookie

Redirect headers

Cache-Control: private, no-cache, no-store, max-age=0
Connection: Keep-Alive
Content-Length: 0
Date: Mon, 30 Oct 2023 4:40:23 GMT
Expires: Mon, 01 Jan 1990 0:00:00 GMT
Location: https://www.freedidi.com/9982.html
X-Frame-Options: SAMEORIGIN

GET
H2 200 style.min.css
www.freedidi.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 39ms
36ms Stylesheet
text/css 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Oct 2023 03:22:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 298060
etag: W/"652371fc-19824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uY6hfJJaMwKIuJE1OxXRVmEpl4H7H1AdwvPLJ8qkhNyF3nxqFMV84%2FFXAZanibPXPIQBL2o7Kfzawzcw1huRX98jKaE2%2FcTrj%2Fy8n%2Ft1WwyBvqjI63Zb2sbZ9qGKbTucVrsRghF9%2F86FGI9XlGM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 81e0fafaeb794bcf-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 20 Oct 2023 10:41:11 GMT

GET
H2 200 style.css
www.freedidi.com/wp-content/themes/gridzone/ 78 KB
16 KB 41ms
39ms Stylesheet
text/css 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/style.css?ver=6.3.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6f3e8694e0c9576d8dd310a8368024a26b92824f7cc4cd95119c8da7e2debf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Apr 2023 07:02:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 298060
etag: W/"6448cc9a-1368d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CYPpdIQhwCfPLc58r70ViyQxYFq5Q9SOhl%2B8PTbc0IhWO4ukiJQAKQ7FbFFzLkSl%2F%2ByB9IVWKn%2BRPflnkF5WcnBfEaBVItE7jxk6yonqS32d%2BnBJvHvv39lQKAmuQcKLAQCgLII4Rth4SU6vpE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 81e0fafaeb7b4bcf-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 20 Oct 2023 10:39:39 GMT

GET
H2 200 responsive.css
www.freedidi.com/wp-content/themes/gridzone/ 7 KB
2 KB 39ms
37ms Stylesheet
text/css 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/responsive.css?ver=6.3.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8464af55c871646e4c6cf848f49995b1f087acc696a63a67960fc2f7d419c4e1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 22 Apr 2023 14:19:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7705
etag: W/"6443ecfb-1c6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpwZriMeoCYacpSLQQkVgpo3GLEteW9OCcXonqJgyS7QFL4VG3IYKCFM4%2BUPmquvzk205RRY0jvnV7%2Fsq53TB6amqM91AsVXHgyj4GgMswY6jD8CEL8Vr8mXfJA24QV5gvKZrXNw1ZhUuL4oeHM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 81e0fafaeb7c4bcf-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Oct 2023 10:42:43 GMT

GET
H2 200 all.min.css
www.freedidi.com/wp-content/themes/gridzone/fonts/ 58 KB
13 KB 39ms
38ms Stylesheet
text/css 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/fonts/all.min.css?ver=6.3.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c76780f98809f611842235926f44c647630c533ddd2c18ed18a8bac22bc8cc63

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 22 Apr 2023 14:19:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7705
etag: W/"6443ecfb-e6fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43YZpD%2FsZ1P%2F6fBMm%2F3dEBwOxl5YGzr6HXqMcNThTMoPciDrtpPGyPNzCK0tMuZCHT%2BULkjW%2F6B66wOje4xd7g6WmrOUMzSpttG0LeU97RvHyspEnqvLlf4V%2FoNzcyfzx64jiigr30kc6kDwtVg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 81e0fafaeb7d4bcf-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Oct 2023 10:42:43 GMT

GET
BLOB 200
OK b4ac2085-e25c-4c0f-95fc-52c060a04ae1
https://www.freedidi.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.freedidi.com/b4ac2085-e25c-4c0f-95fc-52c060a04ae1
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 jquery.min.js Show response
www.freedidi.com/wp-includes/js/jquery/ 85 KB
31 KB 40ms
39ms Script
application/javascript 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Oct 2023 03:22:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 298060
etag: W/"652371fc-155ba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwSggtgVUdNTHlD0ur9TFoaGPdmp%2FqhIC29uMPEjsq%2FL8M0VmoOEDTQoH0rmt0uATVuNSbUUSXxaWHYmLAHZAmKny8txbDuuH2HleCdgsG5Gk1wOyDlBpwHE5Ea6E%2BUZpt0D5ODHX6IRs4JZelo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81e0fafb9c034bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 23 Oct 2023 15:24:56 GMT

GET
H3 200 jquery-migrate.min.js Show response
www.freedidi.com/wp-includes/js/jquery/ 13 KB
5 KB 67ms
62ms Script
application/javascript 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Oct 2023 03:22:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7705
etag: W/"652371fc-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7aQDK6sp%2FJVvhtH4QmURlCAGi6fhvzPvsfs4MCdqBv4IQq8pIShW8Y76JbS5j%2BtvD1QIdnd6lq8lVHlylkIgHLZ2EG1u8Eza%2Bx0jhp8rV3BYrLeI%2B%2Fm7GCE97CM%2Bgjy%2BafzmUNz3O3S3%2BWF1HE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81e0fafbac044bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 23 Oct 2023 15:24:56 GMT

GET
H3 200 slick.min.js Show response
www.freedidi.com/wp-content/themes/gridzone/js/ 43 KB
12 KB 92ms
87ms Script
application/javascript 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/js/slick.min.js?ver=6.3.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 254d80a49d0c9fced2fd0c272e7b868ca726df8189dc9c5735c56a33e7853dfc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 22 Apr 2023 14:19:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 298060
etag: W/"6443ecfb-ab7a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfZdyPYrhBEyJmlunM%2FlNZsomkdo%2BlcJgPGzN5ziRV21Cfi2Zh5AoiXgypsKDc0YXJSERZ5NXlEalZ%2BNJuog%2FyryY6%2BBalBK%2FX%2BOoAab1683Zsg%2B7ujcSvzLbSHslg2pEyCMQdoIkJYm6rXCNas%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81e0fafbac054bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 20 Oct 2023 10:41:11 GMT

GET
H3 200 Screenshot-2023-07-27-124448-940x534.jpg
www.freedidi.com/wp-content/uploads/2023/07/ 29 KB
29 KB 173ms
169ms Image
image/jpeg 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/uploads/2023/07/Screenshot-2023-07-27-124448-940x534.jpg
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c666d170725ab7ab4aaf07a11fe1e6e929024dd097eac49ee5a9f1ca05855c7a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Jul 2023 12:45:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64c266fa-7369"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWNhsAtcZh9Bx4%2BCVa0xMzBsYix5YHIphcjThBXOeok9BSYre1DLm0Zu62ZHp9SKyVzyklaubh81NvymeaBCuXMtsPuucIxuO4GvXZXscntAt3JIBuphGYKmrpIv7b6qeH4EHY%2BDET1neQCeS4k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 81e0fafbac064bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 29545

GET
H3 200 d345761c83c78f39219f7c91fe09393a-520x347.png
www.freedidi.com/wp-content/uploads/2021/08/ 42 KB
42 KB 180ms
176ms Image
image/png 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/uploads/2021/08/d345761c83c78f39219f7c91fe09393a-520x347.png
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00c335013f551c680c2d5739500723763112e00726e4a47549340bf4c4a1029c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
cf-cache-status: MISS
last-modified: Thu, 05 Aug 2021 01:27:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "610b3e82-a730"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBejSlV079%2B04laP34YNowlqvcUuqTQ7glCqa59gKzkXbLva0Tvvdn2yCwVlrO2a3zktFCGjapResT8Ej2AF3jFl%2BLyeFHOU1lFFGYNUZbBcoCG%2BesD0Uo7BZ87EPIeg6SZmzqVz%2BGhhm9n4GTY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 81e0fafbac074bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 42800

GET
H3 200 freedidi.com_2on_page-1-520x347.jpg
www.freedidi.com/wp-content/uploads/2023/01/ 26 KB
27 KB 349ms
345ms Image
image/jpeg 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/uploads/2023/01/freedidi.com_2on_page-1-520x347.jpg
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25d6bee48ef82593fff3bc5bc6cf36e846d360cfb03b42e719fafd162b1964c0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:29 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Wed, 23 Aug 2023 23:27:16 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "64e695d4-6994"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEJ6HzssxVpC3Cj0EOdjazWm1y2OXfIBTMkCbtQc3jwEUmhcd4CxRm7%2BVoVc%2BAVvGpd3RzlvjNSbxWyWBKIKzipBq82%2FMV4OkyGwN78b4SxK%2F4RVUjA5q2%2F43fbCU3R7DkJ8cpko7JCXb3srXWo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 81e0fafbac084bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 27028

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 173ms
91ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3907260628152818

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d282f61d014f01b59f41f2a22f1f8d3ca0f8322de908fc12a0f34c712e3f20b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
Origin: https://www.freedidi.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51480
x-xss-protection: 0
server: cafe
etag: 5568131465059814512
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 04:40:28 GMT

GET
H3 200 vip.jpg
www.freedidi.com/wp-content/uploads/ads/ 26 KB
27 KB 46ms
38ms Image
image/jpeg 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/uploads/ads/vip.jpg
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e03df6d4818248cbb73588f67a3befd93d21a0f8e77be72b487e8a8823bd978

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7705
alt-svc: h3=":443"; ma=86400
content-length: 26953
cf-bgj: h2pri
last-modified: Fri, 03 Mar 2023 10:27:08 GMT
server: cloudflare
etag: "6401cb7c-6949"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LY%2Br3dAGeYsWEgXLGdixHTCVx9H4Nqvdm4gyKta0umq9Jq0OiPCSSkYHzyMmMgU4qwekeRTI7aFdQd%2FOF005ptSVWRv1V%2FUDVemTsZJZT%2BWSz8LITj%2FG6iAEp%2FltnkQWwXlyYASwWcP98exm5uE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 81e0fafc4c0c4bcd-BUF
expires: Wed, 22 Nov 2023 03:15:36 GMT

GET
H3 200 js.cookie.min.js Show response
www.freedidi.com/wp-content/plugins/ad-invalid-click-protector/assets/js/ 1 KB
1 KB 108ms
100ms Script
application/javascript 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/plugins/ad-invalid-click-protector/assets/js/js.cookie.min.js?ver=3.0.0
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 23 Apr 2023 01:01:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 298059
etag: W/"64448374-5dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nb6oCfnzMJiV2C%2FvuYPTvQBH76MFFPXVBARgAdiorN49QDxWCRJOZFdO5k%2B0LJfi%2F2H8HptsJ%2B3VMvejRDPdvkyjT8Fkk%2BFBszok50h%2BM3MXB7FGdiY%2FNrZ6Vdh5o0g7BRCWb%2Bs6a4m4XEnmuh8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81e0fafc4c0d4bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 23 Oct 2023 15:15:36 GMT

GET
H3 200 jquery.iframetracker.min.js Show response
www.freedidi.com/wp-content/plugins/ad-invalid-click-protector/assets/js/ 3 KB
2 KB 109ms
100ms Script
application/javascript 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/plugins/ad-invalid-click-protector/assets/js/jquery.iframetracker.min.js?ver=2.1.0
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 169129c84912473c3eea8cb0783089f986648c26f879f25caf12b9933feedebe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 23 Apr 2023 01:01:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 298059
etag: W/"64448374-c72"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvZ7JDMACPdX3IBsFeiI9lXJj5WJbkuanZW7w%2Fy8lHvqrGMM9aMAmCTs6ZVfkjTkgXfsnsTmuLVk3tYXGpdfcAcWZcavplN9GA0R1kVHqY%2FykutNHy99p2W%2FK%2BA2UBW0JiKVqt1aGxUG5F4sF78%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81e0fafc4c0e4bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 23 Oct 2023 15:15:36 GMT

GET
H3 200 aicp.min.js Show response
www.freedidi.com/wp-content/plugins/ad-invalid-click-protector/assets/js/ 777 B
914 B 109ms
101ms Script
application/javascript 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/plugins/ad-invalid-click-protector/assets/js/aicp.min.js?ver=1.0
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e0a52e09f6a82103811fb05011f1487605df55d406ecaad89c68999d67f8ae0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 23 Apr 2023 01:01:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 298059
etag: W/"64448374-309"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kHvrdP2kSSaTDN7MRyurIBuneLYD%2Bhni7i8KeN5rDB75KIstbjZ9Mh6lHsRCXZpEndP3%2FbaNQnNl95MUBFz4eT9Wkw9zfLSF761hUaHQx0uDiIJ0wUCKiliI5UkLDhGqacyGMAFGhoXsetqb5Sg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81e0fafc4c0f4bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 23 Oct 2023 15:15:35 GMT

GET
H3 200 jquery.fitvids.js Show response
www.freedidi.com/wp-content/themes/gridzone/js/ 3 KB
2 KB 47ms
38ms Script
application/javascript 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/js/jquery.fitvids.js?ver=6.3.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c29ff6cb8ebb7a83af704c02a235b37fd77ce8cc48d87aaef2bfd9727fbd166

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 22 Apr 2023 14:19:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 298059
etag: W/"6443ecfb-ce7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkVWyLZPN4iwTDtkoJ22Y5M1NMLs%2FGwQQpnOkYETipxzsN4yD8DoAw95gS%2BV7H%2FkFp0ZyWyMuJ2Rg54UInuBgKgmNOTz%2F2aZSulKT6MS2kdtACh%2BpDJuA5%2Fz2u%2FfTwp2QvMa2Uilhqra332Oi7M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81e0fafc4c104bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 20 Oct 2023 10:41:11 GMT

GET
H3 200 jq-sticky-anything.min.js Show response
www.freedidi.com/wp-content/themes/gridzone/js/ 5 KB
2 KB 110ms
99ms Script
application/javascript 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/js/jq-sticky-anything.min.js?ver=6.3.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f134232a9a19dd6ab40fd09f335cb368f4441e2573462dea23b6201274d0b70b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 22 Apr 2023 14:19:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 298059
etag: W/"6443ecfb-12ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCJTF%2Fx3%2BN%2FT3I18DZWSyWGCDB%2BlZcwynlPs7yWOZOuWvE7U77kHwhWfD6cHtLCpLy3pKkoScitgV0hN2X9B07EG7DI90iwEIILm2kudzcTLJV%2BJj6exN7dkRd36XHMOaYPeUI%2B8e0aUJf8EIOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81e0fafc5c114bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 20 Oct 2023 10:39:40 GMT

GET
H3 200 imagesloaded.pkgd.min.js Show response
www.freedidi.com/wp-content/themes/gridzone/js/ 5 KB
2 KB 110ms
100ms Script
application/javascript 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/js/imagesloaded.pkgd.min.js?ver=6.3.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a65b0ca177f1c0433c0ead611692521c23e6668846a2861fedc09ae11416ffc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 22 Apr 2023 14:19:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 298059
etag: W/"6443ecfb-15e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CivBMnyB5D4Hr0fjdg6XwE7aXKqJIMBP84pLe57GyuTEHM0s41I2vMN9MdcAni%2FyRkSO5xFfUCRb23SdV6yLTbvV1qsgSKv4BebyzITHzocOXZmYxrR2DlK83hVtMaBm%2Bu1y3A6dgNbhvIh7I48%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81e0fafc5c124bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 20 Oct 2023 10:39:40 GMT

GET
H3 200 masonry.pkgd.min.js Show response
www.freedidi.com/wp-content/themes/gridzone/js/ 24 KB
8 KB 110ms
100ms Script
application/javascript 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/js/masonry.pkgd.min.js?ver=6.3.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c7b3ed32991df7fecd94925de903446f7c1257bfeb042cb0b798749e242c559

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 22 Apr 2023 14:19:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7705
etag: W/"6443ecfb-5e2f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8yDFchGG1f8Ye%2Btjwd2XV%2FL0Fybe8nRCPJjNI8FCPqYUwAMN5cwjI9sDWZEDckxSdli%2FejmK5foJkadCWCIg1UMi57WKFMQhksxXYx9zZ3iZcHSxCFFT7TshrL27pw2Cao8D7qKL2SA3EeVYx8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81e0fafc5c134bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Oct 2023 10:42:43 GMT

GET
H3 200 scripts.js Show response
www.freedidi.com/wp-content/themes/gridzone/js/ 6 KB
2 KB 111ms
101ms Script
application/javascript 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/js/scripts.js?ver=6.3.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf0d8bce42dd39f77a9c4cabc9272361c1677f608552392c6971202f2b73740c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 22 Apr 2023 14:19:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7705
etag: W/"6443ecfb-16e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ER5lO6jkx7XpXB7aKPLWkH3eHsgpRdvvksOWtA7k%2FCNm2GJ1gZSpWauZ9Mfapc7JpI1FFm%2BQY5F5F1YGbfRLzssOBlfxFUni2kAvUrjbAci1OkSP%2FAEy8MrHurGL5PQ7bGfHDU6OK%2F%2FcGTtwNbs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81e0fafc5c144bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Oct 2023 10:42:43 GMT

GET
H3 200 nav.js Show response
www.freedidi.com/wp-content/themes/gridzone/js/ 9 KB
3 KB 354ms
343ms Script
application/javascript 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/js/nav.js?ver=1698632371
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcd1fc77d1d8787ac24a9383e483152dc4c59dbe2367e6081029b5158e44a065

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 02:19:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"653f12b3-2393"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3626vgeQubShJpc5pkrXJD0XOjFHhQMe59XQTeRy%2Bdh77ksmh0LCFqWxa29pZvSCZNx1i2PawXXbXcU%2FqW9lH097cpknn9SXu7OX8jLhNZ1%2FxDtS1Sep6sRxlGxOxXwFWsfkZ0pJCcyM6FSxi4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81e0fafc5c154bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 161ms
79ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.freedidi.com/
Origin: https://www.freedidi.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 81e0fafccc174bd8-BUF

GET
H3 200 pre.png
www.freedidi.com/wp-content/themes/gridzone/img/ 72 B
532 B 151ms
143ms Image
image/png 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/img/pre.png
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/wp-content/themes/gridzone/style.css?ver=6.3.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de54d20ec67beddd1b5050d80ea032494652596617c6d31f297028a7efdab7bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/wp-content/themes/gridzone/style.css?ver=6.3.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 02:19:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653f12b3-48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HppUe6rnw1u6IJvaS0eukQchnyp4IUEwFAQrHBpQxSoM9tRq7xicq0pu5jF86iy8Hf82dh2Eree5ep9M30gT%2Bj%2FQ%2FsHyRRdiHdC3u6WsJjtMw9UCkR0P%2FDkIbqJ1FXuidV%2BQuDFyd2XT%2BCcEHbA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 81e0fafc5c164bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 72

GET
H3 200 image-gradient.png
www.freedidi.com/wp-content/themes/gridzone/img/ 2 KB
2 KB 107ms
100ms Image
image/png 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/img/image-gradient.png
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/wp-content/themes/gridzone/style.css?ver=6.3.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d6f9711e0b89931512ec47583e3b7014826651e1b9bb706634a712a1106439f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/wp-content/themes/gridzone/style.css?ver=6.3.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7705
alt-svc: h3=":443"; ma=86400
content-length: 1690
last-modified: Sat, 22 Apr 2023 14:19:39 GMT
server: cloudflare
etag: "6443ecfb-69a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HSJ6Z2fZjZlYduDoGVdCqRKzOfezXmiBqbhSEvd8FQOJ7BuT%2Bvph6s4xG5GpvJT09L%2B1juoYytdSu%2Fq3qcXxSD%2Fbf2TjqneHEuOgJB9SkFZcovyx9fNjsQe8KkzT3EBBXXBJRQuW%2Bd%2FsNpKzr54%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 81e0fafc5c174bcd-BUF
expires: Wed, 22 Nov 2023 14:36:07 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
www.freedidi.com/fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 105ms
100ms Font
font/woff2 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Request headers

Referer: https://www.freedidi.com/9982.html
Origin: https://www.freedidi.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
cf-cache-status: HIT
last-modified: Wed, 11 May 2022 19:24:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7705
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xy78rT2MR5pH%2FhaMrCBdeKogoasFJz8AuoNZgfz2eazw5ex4iKhIPrVCNnuVsSE9%2F6n81mEZFC2yqlmszImAVteZ2QlCQmze7bTj8xeQZU4H38wbcMd8T39E3iF2tyb8w7dt1%2BJ3VUROoFCgQo%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 81e0fafc5c184bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 15740

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
www.freedidi.com/fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 114ms
109ms Font
font/woff2 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Request headers

Referer: https://www.freedidi.com/9982.html
Origin: https://www.freedidi.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
cf-cache-status: HIT
last-modified: Wed, 11 May 2022 19:24:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7705
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSl6VaPo5NMT9mZVpP8tFsxglgxqPphHSGMgay1G6br761HcAe2xu6rjNyRABJmxQ8HxxoBwFAEIrAUoxOCzRFoqNjpbg4I872FtXMw18xwZKOU4W6dcGogt9RN9eVmJWnx8M8JbYrgkGjYFy%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 81e0fafc5c194bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 15744

GET
H3 200 fa-regular-400.woff2
www.freedidi.com/wp-content/themes/gridzone/fonts/ 13 KB
14 KB 166ms
161ms Font
font/woff2 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/fonts/fa-regular-400.woff2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/wp-content/themes/gridzone/fonts/all.min.css?ver=6.3.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61

Request headers

Referer: https://www.freedidi.com/wp-content/themes/gridzone/fonts/all.min.css?ver=6.3.2
Origin: https://www.freedidi.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
cf-cache-status: HIT
last-modified: Sat, 22 Apr 2023 14:19:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 298059
etag: "6443ecfb-3514"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZi8gXf4ZxuVFdbkNmHIfDZoKiNDr6RS%2Fykmq7GZ8HlHULH3%2FsllWLMBtrh%2BVkqT4YknUZ6i8DSwU81qexF4KsBG4B9f7lvoereen23MUVtWKzeHh5R%2FPN7%2Bwl4aCjznyc5%2B2%2BtbKzbGFpdAU6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 81e0fafc5c1a4bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 13588

GET
H3 200 fa-solid-900.woff2
www.freedidi.com/wp-content/themes/gridzone/fonts/ 78 KB
79 KB 168ms
163ms Font
font/woff2 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/fonts/fa-solid-900.woff2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/wp-content/themes/gridzone/fonts/all.min.css?ver=6.3.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2

Request headers

Referer: https://www.freedidi.com/wp-content/themes/gridzone/fonts/all.min.css?ver=6.3.2
Origin: https://www.freedidi.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
cf-cache-status: HIT
last-modified: Sat, 22 Apr 2023 14:19:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7705
etag: "6443ecfb-1397c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUCzzsd3YvdnsMJtCPnbvaQ8F%2F%2BJRbk1CWHM5Tukpi%2BIb31hPnX8dRhD0r8lvDAYQqIavyApBPTBTtrPq8zTLTnB6Vt6pkPo4QYQ5MUfklCqY5Xe2wzxDYx5WgHLpoBnh3P9UxBuRvHWMJ6sj1U%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 81e0fafc5c1b4bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 80252

GET
H3 200 fa-brands-400.woff2
www.freedidi.com/wp-content/themes/gridzone/fonts/ 77 KB
77 KB 172ms
167ms Font
font/woff2 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/fonts/fa-brands-400.woff2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/wp-content/themes/gridzone/fonts/all.min.css?ver=6.3.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794

Request headers

Referer: https://www.freedidi.com/wp-content/themes/gridzone/fonts/all.min.css?ver=6.3.2
Origin: https://www.freedidi.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
cf-cache-status: HIT
last-modified: Sat, 22 Apr 2023 14:19:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7705
etag: "6443ecfb-13288"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UP9NmDlInw5bsqLRm4NZ9hIAg%2Br36bgiZJkGUrbG5CgT4lPhMiFFewbUxqVe4OFPnXZdBWEaRD2La3O%2Fk39Vj1Xw8Lt5XAnnzPKksIyvimm6TFK0Q70VGasBBpOc5eSnaLsGp75KalwxOpPVYAg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 81e0fafc5c1c4bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 78472

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
www.freedidi.com/fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 243ms
238ms Font
font/woff2 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Request headers

Referer: https://www.freedidi.com/9982.html
Origin: https://www.freedidi.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
cf-cache-status: HIT
last-modified: Wed, 11 May 2022 19:24:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7705
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwZqeeVqGkjEnrv9WRLRb76zAFntghgt1Sxs9MMVyTzduj2MHViv6FzIBP7LJkuzuAePKArB4rNRpvwICTbQ%2FsSTrrB1gnEFuiWgS%2BajZ%2BygYvDNibciRH15NW662Z2kfYimrvPE2MbU8ELWRIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 81e0fafc5c1d4bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 15860

GET
H3 200 KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2
www.freedidi.com/fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 150ms
149ms Font
font/woff2 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b076e86301cbee8c5c9aef51863a9c0a88e6f6d2aabdffca93e031113c6caa74

Request headers

Referer: https://www.freedidi.com/9982.html
Origin: https://www.freedidi.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 19:24:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUFI1FcFxSOVrvlVCoYoNrF2KUJPlTc6n66PkUOLdUM819Js0EYJ26p9D31N1Zn3Y%2FmkGWTh6Ygzjqp6AaDBeELalynuZDyqhCjTlBbIM2PMrJBVXQvJ1s0qjuyDE3OlmX7h9U58EMlhfgNf4Xo%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 81e0fafcec284bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 11796
expires: Sun, 27 Oct 2024 14:40:38 GMT

GET
H3 200 freedidi.comrtx-4060-announcement-800x450-1-520x347.webp
www.freedidi.com/wp-content/uploads/2023/05/ 14 KB
15 KB 345ms
343ms Image
image/webp 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/uploads/2023/05/freedidi.comrtx-4060-announcement-800x450-1-520x347.webp
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e6a2ea5a63ace75063df05001301b608015fbcea91d66f1277b3f592b9a1f7b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:29 GMT
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 01:00:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6466ca22-38d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e15gg%2BdLHqe6i65M8GEAw7HLDkMe4h3v2o3Oxo1kSjzTuy4twv%2FZeWMbh%2FL8Vjyj8EOzhMr0fI0xZzHlRRR2S4Zs1mdFap8fKAh1juiH65kW%2B31fdAvrtMQO6lnzdSFOCfodyCdgCnZQO4dZrfk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 81e0fafd1c2b4bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 14548

GET
H3 200 212-520x347.jpg
www.freedidi.com/wp-content/uploads/2023/10/ 27 KB
28 KB 128ms
127ms Image
image/jpeg 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/uploads/2023/10/212-520x347.jpg
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3fce66a162c7fd66dee98d207d21e8dfe8ebba44c5ca8bdf8f46dbe90ef5305

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:29 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 20 Oct 2023 00:16:06 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "6531c6c6-6da2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcLstzaKsTtqXfetkozrm0smKHsIb0vYutJd8N0pu4PkLnjCaxAgsbK1au8BVyi4%2BJqWMJkQ9cOqeXzg1%2FppArKhEG2co8%2BZF1qMZyzjvPoX4POXMcXbLJvSOGj%2BnU6O8ECnHzruWlrlEIu%2BFVk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 81e0fafd1c2c4bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 28066

GET
H3 200 vultr.png
www.freedidi.com/wp-content/uploads/2017/ 30 KB
30 KB 130ms
128ms Image
image/png 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/uploads/2017/vultr.png
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c239d3332d7cc92d8e6de702fb8a0c8fbe17e3523aeacca4dccd4f173e524ee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7704
alt-svc: h3=":443"; ma=86400
content-length: 30219
last-modified: Sun, 18 Oct 2020 03:40:52 GMT
server: cloudflare
etag: "5f8bb944-760b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3NNYaTxKJuHPdYE%2FIk54uCKMT5iaw8TR9AjXobm8bp9rjxABo4VxF01eiESFD%2Bo0OnJQ05kbHKQqoYw3hgItF7Slusq7RCBwOVLw%2FSl4ouw0m9902unmnDNSOf7qLGxNvyJNMfW2LY3MHJUvmA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 81e0fafd1c2d4bcd-BUF
expires: Wed, 22 Nov 2023 03:15:43 GMT

GET
H3 200 logo.png
www.freedidi.com/wp-content/uploads/ 24 KB
25 KB 131ms
129ms Image
image/png 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/uploads/logo.png
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a78457d2528c37d136e8f3cc97ba68c415f15988003f44f90e96d6e8ca324ba5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7704
alt-svc: h3=":443"; ma=86400
content-length: 24956
last-modified: Tue, 26 Jul 2022 06:53:55 GMT
server: cloudflare
etag: "62df8f83-617c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CT5gJsNxRJFMZ6FeHB0E9xEoxviu7Uep5ThcF%2F0Ra4MFu1CMsGYYruzvfhIKkD8%2BLubPnG%2Fw1NH%2FbLpRCFNSUcBad6QrFWBkwNVEHa%2F6nRTNnjc8SxM9%2FYs6bNzZxWjriZumGB6SHLVW2bmzMSw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 81e0fafd1c2e4bcd-BUF
expires: Wed, 22 Nov 2023 03:15:43 GMT

GET
H3 200 logo-2.png
www.freedidi.com/wp-content/uploads/ 25 KB
26 KB 133ms
131ms Image
image/png 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/uploads/logo-2.png
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6ae08d2d6850a6d65f89489bae1d78db1fbea66dc0556b3173ef425863c6c15

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7705
alt-svc: h3=":443"; ma=86400
content-length: 25899
last-modified: Tue, 26 Jul 2022 06:28:58 GMT
server: cloudflare
etag: "62df89aa-652b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOnogvwtME8%2BmRmNTzhqcD3EZzMIktxVhq2h%2BwFdKgqGKOvjuZ1POjOih3nKlPz9aQDPAyfDcdH3w6GRndg2E%2Bx5A4W6gyirI2l9QCr7s5kkBpXsZZK2y4lmZQQ%2B6YnMxb%2B623yPjstMUsrptDA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 81e0fafd1c2f4bcd-BUF
expires: Wed, 22 Nov 2023 03:15:43 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ 395 KB
134 KB 168ms
116ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3907260628152818

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d23ca298db3f95b782d680f920e614f362fc682481f455f1c3bba726391de65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137188
x-xss-protection: 0
server: cafe
etag: 16443151649608058828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 04:40:29 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/ Frame 38C6 10 KB
5 KB 82ms
24ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3907260628152818

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 21118
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 22:48:31 GMT
etag: 4569948109300706969
expires: Sun, 12 Nov 2023 22:48:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 wp-emoji-release.min.js Show response
www.freedidi.com/wp-includes/js/ 18 KB
5 KB 36ms
36ms Script
application/javascript 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 01 Apr 2023 00:51:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7705
etag: W/"6427801e-4904"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5q20qzWM3RAlAfbIKwxPOWF4kKlBX%2FglbRGImBNcV3JwpScPCunx6DWNlTkk8LhNNHUO2HtSb94jawy5gvL%2F5rLX2vJg6WfatqgktmLWdtOGqMU0%2BoWHV9fYWfsxjnAlh%2FqrKrY%2B68YWJeqGaI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81e0fafe9c3b4bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Oct 2023 10:42:44 GMT

GET
H3

200

main.js Show response
www.freedidi.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/ Frame 171B
Redirect Chain

https://www.freedidi.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.freedidi.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js

7 KB
4 KB

33ms
32ms

Script
application/javascript

2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.freedidi.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Server

2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a8718ec4fc1ef339030d872627f42a45383396f2c8fc59c73b0a3e14f0efc9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMP8jchriBWJCG9UhCV2rsn1qWJiePrQahJaADiYpzSvOHal8qDz6WvLcQIdAfC%2BPiagf4MUpQhFWNGrhEnCQqEnKsg9WINdNnAanmTdFz9mH626gxTnGFOox%2BZKrNT4Xt6%2BlooFzuzxA9rhM2o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 81e0faff0c444bcd-BUF
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 30 Oct 2023 04:40:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZxL8I7OgZN1fbpROdgHDyITCasPLw2jUcDL9JFQOSPnHdRaZl%2F8gX%2FrqrQRWgMoF5mPa5HySqbCLAw9E3ginXzrlSKj7NwNUTkCgAirnadnDwrSDj1OgsQxpbpN05n7x5O09l5%2B02ulkxzllOA%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 81e0fafebc3f4bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 freedidi.comrtx-4060-announcement-800x450-1-520x347.webp
www.freedidi.com/wp-content/uploads/2023/05/ 14 KB
15 KB 97ms
96ms Image
image/webp 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/uploads/2023/05/freedidi.comrtx-4060-announcement-800x450-1-520x347.webp
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e6a2ea5a63ace75063df05001301b608015fbcea91d66f1277b3f592b9a1f7b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:29 GMT
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 01:00:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "6466ca22-38d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0P3D%2F6DKLPCJv7WZHuN0nNoX8b9r7A6J2WmeBHzvtkv9n5jdubDdlKxRznenR5LIn55q0fblrqK6E0aAlNtckd%2FX8hABKJ3jw4VyJTT7%2BwppdZeeZ07K0MP%2Bby%2Blxg8GbUALw1P7y2fFsnb2W%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 81e0fafecc414bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 14548

POST
H3 200 81e0faf9db634bcf Show response
www.freedidi.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 171B 0
551 B 46ms
45ms XHR
text/plain 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/cdn-cgi/challenge-platform/h/g/jsd/r/81e0faf9db634bcf
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 30 Oct 2023 04:40:29 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYxb5KcMmXjtclQIt7vFgDMGpYo5zmNGofzeRH2uGvPWQ6W8j1ZxqMiA5zZa4HOgqtMKQqLhpP0329uYxx4DznedZkbU2NEVJ3RMKhcbfUaPg20VieeO6XwBnEXRh7qb2PIXCNSuPEoIOxe6KAI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 81e0fb014c574bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
603 B 99ms
40ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.freedidi.com&callback=_gfp_s_&client=ca-pub-3907260628152818

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

367f7cd2ed1bcf9c7b834fbcb927beb7797b8df2a3af0ac292f5a79ca70ced95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 88AB 238 KB
55 KB 501ms
498ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3907260628152818&output=html&adk=1812271804&adf=3025194257&lmt=1698676241&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640829127&bpp=7&bdt=520&idt=539&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1881258287801&frm=20&pv=2&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=563

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a53f3b9cb83b33a91e55e9dc5da305067c2b74a451fd3868a2d60130f3cd98d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 56201
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 04:40:30 GMT
expires: Mon, 30 Oct 2023 04:40:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
46ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=sidebar%20s2%20group&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 48ms
45ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=sidebar%20s2%20group&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0273 720 B
578 B 284ms
283ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3907260628152818&output=html&h=590&slotname=8860042738&adk=3730733119&adf=140651668&pi=t.ma~as.8860042738&w=1180&cr_col=4&cr_row=2&fwrn=2&lmt=1698676241&rafmt=9&format=1180x590&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640829134&bpp=2&bdt=527&idt=562&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=3012&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyenKkdmDh&p=https%3A//www.freedidi.com&dtd=571

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b370cb5b3a98725db5d3a47c42e88c347085afb826f2953c980a28ac9b036de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 04:40:29 GMT
expires: Mon, 30 Oct 2023 04:40:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 360B 56 KB
19 KB 415ms
414ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3907260628152818&output=html&h=600&slotname=8121676132&adk=1871830121&adf=2363148817&pi=t.ma~as.8121676132&w=220&fwrn=4&fwrnh=100&lmt=1698676241&rafmt=1&format=220x600&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640829136&bpp=3&bdt=530&idt=575&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x590&nras=1&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1340&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=CcuaZm2u3A&p=https%3A//www.freedidi.com&dtd=581

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb750dcabacf05ae0a5f5c7b646d0eb42780c7ca37b8e9e35aa3ee06dde4873c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 19450
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 04:40:30 GMT
expires: Mon, 30 Oct 2023 04:40:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9A0A 720 B
384 B 320ms
319ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3907260628152818&output=html&h=280&slotname=8121676132&adk=2110978461&adf=1795251393&pi=t.ma~as.8121676132&w=1200&fwrn=4&fwrnh=100&lmt=1698676241&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640829139&bpp=1&bdt=533&idt=623&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x590%2C220x600&nras=1&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=3848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=WuTmboHrri&p=https%3A//www.freedidi.com&dtd=627

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dc6ef4f31b6c14bc5b45de192a2e2e4e970082f505670064761ac8335487a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 360
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 04:40:30 GMT
expires: Mon, 30 Oct 2023 04:40:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 5232 90 KB
36 KB 295ms
68ms Script
application/javascript 2620:1ec:46::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3907260628152818&output=html&h=600&slotname=8121676132&adk=1871830121&adf=2363148817&pi=t.ma~as.8121676132&w=220&fwrn=4&fwrnh=100&lmt=1698676241&rafmt=1&format=220x600&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640829136&bpp=3&bdt=530&idt=575&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x590&nras=1&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1340&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=CcuaZm2u3A&p=https%3A//www.freedidi.com&dtd=581
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 56c403d2eb0951999e5a3b90338a97c71eee19956ea41892c167dd354247fd84

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 30 Oct 2023 04:40:30 GMT
content-encoding: br
last-modified: Thu, 26 Oct 2023 16:57:38 GMT
vary: Accept-Encoding
x-azure-ref: 20231030T044030Z-u9sp7b7s891g73m3t0wpxz7ne400000000ug0000000036vh
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8b67a8c2-301e-00e8-0c9b-0927d8000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 5232 80 KB
28 KB 106ms
18ms Script
application/x-javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3907260628152818&output=html&h=600&slotname=8121676132&adk=1871830121&adf=2363148817&pi=t.ma~as.8121676132&w=220&fwrn=4&fwrnh=100&lmt=1698676241&rafmt=1&format=220x600&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640829136&bpp=3&bdt=530&idt=575&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x590&nras=1&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1340&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=CcuaZm2u3A&p=https%3A//www.freedidi.com&dtd=581
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires: Wed, 10 Jul 2024 11:56:20 GMT
Date: Mon, 30 Oct 2023 04:40:30 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 9564250
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27646
X-Served-By: cache-lga21944-LGA, cache-yyz4576-YYZ
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
X-Timer: S1698640830.492458,VS0,VE0
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 26, 246246

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 5232 3 KB
1 KB 96ms
28ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3907260628152818&output=html&h=600&slotname=8121676132&adk=1871830121&adf=2363148817&pi=t.ma~as.8121676132&w=220&fwrn=4&fwrnh=100&lmt=1698676241&rafmt=1&format=220x600&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640829136&bpp=3&bdt=530&idt=575&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x590&nras=1&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1340&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=CcuaZm2u3A&p=https%3A//www.freedidi.com&dtd=581

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:11:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 04:11:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 5232 20 KB
9 KB 91ms
24ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:11:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 04:11:36 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5232 195 KB
62 KB 108ms
40ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b101340991fbebde5f9270261516148091e118c9d5e61dc617c27718b74dee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62779
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Oct 2023 04:40:30 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 5232
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=77393372-8b51-4770-81ca-21369c66b783&bidId=15000&bidderId=4&cmExpId=V7&oAdUnit=391466&publisherId=162645330&rId=364d434c-9f90-4119-...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=95a8b4effae249a99889246c8873595a&SNR=1&GV=2&med=10

0
245 B

47ms
46ms

Image
text/plain

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=95a8b4effae249a99889246c8873595a&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3907260628152818&output=html&h=600&slotname=8121676132&adk=1871830121&adf=2363148817&pi=t.ma~as.8121676132&w=220&fwrn=4&fwrnh=100&lmt=1698676241&rafmt=1&format=220x600&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640829136&bpp=3&bdt=530&idt=575&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x590&nras=1&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1340&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=CcuaZm2u3A&p=https%3A//www.freedidi.com&dtd=581
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FA5DB2AC08C84EE5AEDC286DF488F99C Ref B: EWR311000101025 Ref C: 2023-10-30T04:40:30Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 30 Oct 2023 04:40:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 72C0970D60D64BA5900BCB0B4F522570 Ref B: EWR311000101025 Ref C: 2023-10-30T04:40:30Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=95a8b4effae249a99889246c8873595a&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 154
expires: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ 159 KB
54 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2f00a9792f87f27371d2bf31a78f39ed4d55299bbe648d970513a5af008020e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55365
x-xss-protection: 0
server: cafe
etag: 2750436090497020131
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 04:40:30 GMT

GET
H2 200 ca-pub-3907260628152818 Show response
fundingchoicesmessages.google.com/i/ 160 KB
53 KB 139ms
71ms Script
application/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3907260628152818?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2efbed0afcb9d97798cf316d96d42d7c84317de960c169d16dd1cc1caaa36841

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-fcUY42VKm1J2sFATnBl8Cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-fcUY42VKm1J2sFATnBl8Cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 46ms
45ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&hl=zh-CN&pvc=811607028370533

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5047 38 KB
16 KB 294ms
292ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=240&adk=160681226&adf=626423659&pi=t.aa~a.601257254~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698676241&rafmt=1&to=qs&pwprc=3889220726&format=300x240&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640830539&bpp=2&bdt=1933&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3fa451c4fe5cdaf%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_Ma_akyAxRRC9UvrsKGpW1OGmF6A9Q&gpic=UID%3D00000d9d9821ad12%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_MaPTj_E25uDkk2ACeGpVkCgNw4YWg&prev_fmts=0x0%2C1180x590%2C220x600%2C1200x280&nras=2&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=8fCMXJKRJe&p=https%3A//www.freedidi.com&dtd=104

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

422e61275666552abcc42eaf72fc17f53c803e7c43bdf3e176d8b8a7f2e4d8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16247
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 04:40:30 GMT
expires: Mon, 30 Oct 2023 04:40:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DD84 123 KB
42 KB 511ms
510ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=90&adk=3921313794&adf=1937372392&pi=t.aa~a.2849377179~rp.4&w=1180&fwrn=1&fwrnh=100&lmt=1698676241&rafmt=1&to=qs&pwprc=3889220726&format=1180x90&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640830539&bpp=1&bdt=1933&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3fa451c4fe5cdaf%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_Ma_akyAxRRC9UvrsKGpW1OGmF6A9Q&gpic=UID%3D00000d9d9821ad12%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_MaPTj_E25uDkk2ACeGpVkCgNw4YWg&prev_fmts=0x0%2C1180x590%2C220x600%2C1200x280%2C300x240&nras=3&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=UDfxRXMur8&p=https%3A//www.freedidi.com&dtd=115

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24d4f8c30eaea3c91a5d3dc3c7e11f250fcfe10c3a6032a7cafdb5bc5eb8648d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43334
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 04:40:31 GMT
expires: Mon, 30 Oct 2023 04:40:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/ Frame 5F4B 10 KB
4 KB 27ms
26ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 7175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 02:40:55 GMT
etag: 4569948109300706969
expires: Mon, 13 Nov 2023 02:40:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWJgb49EeKY_6htYQUoQIn7pYob-V00l8zoNLXlxCRnbMMCGLSCdcShVhspchpkDTqf1eDyEv5uHXQLDjHYv-r9jHPQDbh1Pc0giGreGs6_sI6XvITyYN1-j8fGhWXwjr3Bxrl1RQ== Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 88ms
87ms Script
application/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWJgb49EeKY_6htYQUoQIn7pYob-V00l8zoNLXlxCRnbMMCGLSCdcShVhspchpkDTqf1eDyEv5uHXQLDjHYv-r9jHPQDbh1Pc0giGreGs6_sI6XvITyYN1-j8fGhWXwjr3Bxrl1RQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4NjQwODMwLDcyMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuZnJlZWRpZGkuY29tLzk5ODIuaHRtbCIsbnVsbCxbWzgsImx4SllXYThUSklvIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lxJYWa8TJIo.es5.O/am=CAM/d=1/rs=AJlcJMw_ealo3TULN_RkQN3s1y0X38wCBw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e131a3038aeb6f724a2a491a22abcaf0baf8103c218591d58cc046601245cd92

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-s5UhvRv1oykGVrhUgmArWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-s5UhvRv1oykGVrhUgmArWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 th
www.bing.com/ Frame 5232 11 KB
11 KB 117ms
117ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.8452575278960_19H1RITEUWK310F2FA&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=180&h=180&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3907260628152818&output=html&h=600&slotname=8121676132&adk=1871830121&adf=2363148817&pi=t.ma~as.8121676132&w=220&fwrn=4&fwrnh=100&lmt=1698676241&rafmt=1&format=220x600&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640829136&bpp=3&bdt=530&idt=575&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x590&nras=1&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1340&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=CcuaZm2u3A&p=https%3A//www.freedidi.com&dtd=581
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f073a70b7047ab128b5263ff6a45ae1d1c2c04b85704fbfd5458c27a5068947d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:30 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F3912FB8095E4916AE644160C9610B15 Ref B: EWR311000101025 Ref C: 2023-10-30T04:40:30Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_MISS
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 10903

GET
H2 200 rd_log Show response
nym1-ib.adnxs.com/ Frame 5232 0
531 B 164ms
51ms Script
text/html 68.67.160.137
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.freedidi.com%2F9982.html&e=wqT_3QL3A_A89wEAAAMA1gAFAQi95_ypBhCHlIqhnfWv5lQYACo2CdBDcBPG86A_Eb1qGJ2UcaA_GQAAAIDrUfA_Ib1qGAUSACkRJNAxAAAAIIXrsT8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4ysoFgAEBigEDVVNEkgUG8NCYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCImh0dHBzOi8vd3d3LmZyZWVkaWRpLmNvbS85OTgyLmh0bWyAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFsYGxrJfui4VewAUAyQUAAAAAAADwP9IFCQkAAAkOcNgFAeAFAfAFvuMB-gUECAAQAJAGAJgGALgGAMEGCSMs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8rKBdIHDQkRKAEmCNoHBgFeqBgA4AcA6gcCCADwB42FhwOKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=c875d228e0f34e7fd756e568e05a390b3bb1b2de&bdref=https%3A%2F%2Fwww.freedidi.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.freedidi.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3907260628152818%26output%3Dhtml%26h%3D600%26slotname%3D8121676132%26adk%3D1871830121%26adf%3D2363148817%26pi%3Dt.ma~as.8121676132%26w%3D220%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1698676241%26rafmt%3D1%26format%3D220x600%26url%3Dhttps%253A%252F%252Fwww.freedidi.com%252F9982.html%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1698640829136%26bpp%3D3%26bdt%3D530%26idt%3D575%26shv%3Dr20231025%26mjsv%3Dm202310240101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1180x590%26nras%3D1%26correlator%3D1881258287801%26frm%3D20%26pv%3D1%26ga_vid%3D1487215949.1698640830%26ga_sid%3D1698640830%26ga_hid%3D5260425%26ga_fc%3D0%26u_tz%3D-600%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1340%26ady%3D170%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31079083%252C44805931%252C44806738%252C31078301%26oid%3D2%26pvsid%3D811607028370533%26tmod%3D2078831252%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CopeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DCcuaZm2u3A%26p%3Dhttps%253A%2F%2Fwww.freedidi.com%26dtd%3D581,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3907260628152818%26output%3Dhtml%26h%3D600%26slotname%3D8121676132%26adk%3D1871830121%26adf%3D2363148817%26pi%3Dt.ma~as.8121676132%26w%3D220%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1698676241%26rafmt%3D1%26format%3D220x600%26url%3Dhttps%253A%252F%252Fwww.freedidi.com%252F9982.html%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1698640829136%26bpp%3D3%26bdt%3D530%26idt%3D575%26shv%3Dr20231025%26mjsv%3Dm202310240101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1180x590%26nras%3D1%26correlator%3D1881258287801%26frm%3D20%26pv%3D1%26ga_vid%3D1487215949.1698640830%26ga_sid%3D1698640830%26ga_hid%3D5260425%26ga_fc%3D0%26u_tz%3D-600%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1340%26ady%3D170%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31079083%252C44805931%252C44806738%252C31078301%26oid%3D2%26pvsid%3D811607028370533%26tmod%3D2078831252%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CopeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DCcuaZm2u3A%26p%3Dhttps%253A%2F%2Fwww.freedidi.com%26dtd%3D581&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.137 Fairfield, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:30 GMT
an-x-request-uuid: 692e64fa-cd3d-4aaf-a636-046ae63717dc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.246.195; 96.9.246.195; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 5F4B 4 KB
1 KB 187ms
66ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 30 Oct 2023 04:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 02:57:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Oct 2023 04:40:30 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5F4B 205 B
296 B 165ms
49ms Image
image/png 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 13:14:21 GMT
x-content-type-options: nosniff
age: 487569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 23 Oct 2024 13:14:21 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5F4B 604 B
1 KB 163ms
48ms Image
image/png 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 22:20:36 GMT
x-content-type-options: nosniff
age: 454794
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 23 Oct 2024 22:20:36 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/ Frame 5F4B 15 KB
7 KB 45ms
43ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25bb559beb57a681fbcd6b749ea0c17ecf3939efc5127ac756520f819f0c8f9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 22:51:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6638
x-xss-protection: 0
server: cafe
etag: 5714928435844906340
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 22:51:31 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/ Frame 5F4B 20 KB
8 KB 48ms
46ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 22:51:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8598
x-xss-protection: 0
server: cafe
etag: 10300645532664441910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 22:51:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 5047 3 KB
1 KB 56ms
54ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=240&adk=160681226&adf=626423659&pi=t.aa~a.601257254~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698676241&rafmt=1&to=qs&pwprc=3889220726&format=300x240&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640830539&bpp=2&bdt=1933&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3fa451c4fe5cdaf%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_Ma_akyAxRRC9UvrsKGpW1OGmF6A9Q&gpic=UID%3D00000d9d9821ad12%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_MaPTj_E25uDkk2ACeGpVkCgNw4YWg&prev_fmts=0x0%2C1180x590%2C220x600%2C1200x280&nras=2&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=8fCMXJKRJe&p=https%3A//www.freedidi.com&dtd=104

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:11:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 04:11:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 5047 20 KB
8 KB 57ms
55ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:11:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 04:11:36 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5047 0
0 179ms
58ms Image
text/html 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQpuU9G0oXE3xgl9x4VdDqonxZsX1AcHJSRWhDwfWR600pzUTSn6ew1vTVlM7nsktExXiEM76QIx-KXqWd2xR5Mu7pbZw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=240&adk=160681226&adf=626423659&pi=t.aa~a.601257254~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698676241&rafmt=1&to=qs&pwprc=3889220726&format=300x240&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640830539&bpp=2&bdt=1933&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3fa451c4fe5cdaf%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_Ma_akyAxRRC9UvrsKGpW1OGmF6A9Q&gpic=UID%3D00000d9d9821ad12%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_MaPTj_E25uDkk2ACeGpVkCgNw4YWg&prev_fmts=0x0%2C1180x590%2C220x600%2C1200x280&nras=2&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=8fCMXJKRJe&p=https%3A//www.freedidi.com&dtd=104
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5047 187 KB
59 KB 90ms
88ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Oct 2023 04:40:31 GMT

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 84D6 106 KB
40 KB 514ms
66ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZT8zvgAKkCgE0aPxAAQRw8Gxy7Dydq7DZRd69Q&u=%7CbSeKvK0WIlefMXJd73DV0dQGo%2Bxzauu3NNNjPRU%2Fgds%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989qYxMuTT2xEjM0SlPNkBp1w7xRV07GhHiGkG9JeimBj_2CTcNVvPV3crBPwcj_1YryGry7UPVV6bo4pcAtVK6BVzTRjfBml0tb1iVm3q5_zecUJgG5OZ7PkWGLCpkL_OlR0dTUpDHlFfMh8pUcg52mUxQDEPO_Lop_IOUWPi5pHnXKa3vImaouK_yNPjlhPQxZII0xdbkbXzOx4YORSiy8K33JtSGWIL5H073IsWYEar26vYkx0Xj-F8cgKJYiBFMg5LEVPHx7o3Bh2f8Wij6PYCvsA0QkSC9SN7wxKg3WVPnn3W9xLjhL-lY2LEsRXBbvYXMBcsuHAzk8rb2xBFWkSodx5tfmROrcWMLXMr6ERNtbrdxWfnCZW6xMqUqSLRbrqsyXf5nomphvlIMqL--09EPtr1l4G47GXAIyeYs9A9tDgTd_yHV9Q7pL45NgFjmX0bnN1vX0aBrXP7Ud7nrU4pKUWEeNYclWt0mlB3keNknHeVerCocHkHyQ8p0_EZJVHxns3OKSc-e7c-wks1pz0sSo65pIMoJYXPYVdlDYUxcTRN9G1Wpmg8TIeK3_RtKw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR4RrvjM_ZaigKvHHxtYPw6OQ4AOcge-wXKqbqap0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMzkwNzI2MDYyODE1MjgxOMgBCagDAcgDAqoE5gFP0IjvRzZ9n8BRsuy-N3uB352EimhjdnFfiTYMSs782Qm0aSv_Rve095Y7wyAZFY3auBm2lh4iekE1c-W9L2OxQD-QcoyFymgsnaVJ52lF67zLPq6-78mZKKGtxxzHVtuQlS0yGxQE_dH6hQv-uS-mVxiBPcQNCy9gvDzT9qmjqI1jdU6n-o6D4rDpwWYn8tEi_Rmn28pZCf-diA-qcIax8gq6kHi_zdVsYCHXXeB_cd_xviiigLTG1EepbzORosPZg-XnS4FQa1eZcHXwQfy-376o-XdTskhrLMAC7jDi8eP-t1rQUoAGpaLYz_-s-ujtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0OjPc-Wau7SAfpYVHEHKWN-LKONw%26client%3Dca-pub-3907260628152818%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

3d781e0160c61f9ce44d07d180ba766435fe73dd55a147fa61c83468fff0720e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 04:40:31 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=miEPp9rpaAmst3o-X0ivC72TyeeLMJRpTI_Qh_J6efeOzcps0V5a8jey3ZaUUyy2ToZzWUttwKYsZQRwITh7_6aHtcgsPqXt1Q3gOelu2niwg27Ux3q7D1itMNWcYJFsvrGV3Zw2_ae_24lCOw6zi0diZOxQYi8vj4BhxDH724BxGulfR0BcOkaCum9lVNHaMf0rYCP8BLdSTibUOBwY7Px9vOPdMbl16e9RbFohqMZEfna6Ikd0svJW8sNJBuR2F7Ad1A"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 17766003
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 85DC 1 KB
643 B 63ms
60ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 15232
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 00:26:39 GMT
etag: 48472445140208031
expires: Tue, 31 Oct 2023 00:26:39 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5232 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa17c3cd738256e90153ff7fd5ecdcb4548d72456bfe9da8f3391adbf5cc3ed8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5232 0
19 B 67ms
66ms Image
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWlydvTM_ZfWdLuz2xtYP1oKwmATS4Nfgbo-ktpOTCsCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTM5MDcyNjA2MjgxNTI4MTjIAQmoAwHIAwKqBNoBT9B_618LwvMuRKc_ECb1aQI6EZcYvs8gVJxy9ezyhpDahVPVcSHetl9gRFfa8ycHkLkOspKOLyCLd3E-AaxIxQsYMIIAVbmGUQNi09l3cAE-O8XxDEWnQ2UlZnI5s2wy4GJxwPMGLo46hCIH5hZz6Y07uPQ8fuGJREIAhxe7ZGHbPvQOg876EMQVeR30ZrGJv0EFMZfxARloDIfBgB4r6q9e07jwa3zUTyFYKBW8SJJvINiJhqVhRfaf4jUm09byWNLVF9douktNMpG_OWTlrF-Q0zIp0vuTsr6ABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM5MDcyNjA2MjgxNTI4MTgYAA&sigh=QSe_x4RjYvo&uach_m=[UACH]&cid=CAQSTADICaaNNE0t7IGe7tYa_fJNCd86BVxbrVt06wdHLmI5mDh84msK2X0luL_SYcCI382-8Kp19xWYk2kw55IKEpz02QFLu0AFs8Y0vKMYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3907260628152818&output=html&h=600&slotname=8121676132&adk=1871830121&adf=2363148817&pi=t.ma~as.8121676132&w=220&fwrn=4&fwrnh=100&lmt=1698676241&rafmt=1&format=220x600&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640829136&bpp=3&bdt=530&idt=575&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x590&nras=1&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1340&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=CcuaZm2u3A&p=https%3A//www.freedidi.com&dtd=581
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 30 Oct 2023 04:40:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
nym1-ib.adnxs.com/ Frame 5232 0
530 B 44ms
42ms Image
text/html 68.67.160.137
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.freedidi.com%2F9982.html&e=wqT_3QKnB-inAwAAAwDWAAUBCL3n_KkGEIeUiqGd9a_mVBgAKjYJ0ENwE8bzoD8RvWoYnZRxoD8ZAAAAgOtR8D8hvQ0SACkRJNAxAAAAIIXrsT8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4ysoFgAEBigEDVVNEkgUG8PWYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCImh0dHBzOi8vd3d3LmZyZWVkaWRpLmNvbS85OTgyLmh0bWyAAwCIAwGQAwCYAwmgAwGqA6wDCsICaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MzY0ZDQzNGMtOWY5MC00MTE5LTkyNjQtY2QwYzAwZTgwNWFkJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1WNyZvQWRVbmkVWxxwdWJsaXNoZQEoJDE2MjY0NTMzMCYBDgQzNopwALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YjYZAPDQX3B5dnB4cGJhc3Zlem5ndmJhJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNjExMDQ2OTUzMDU2NDMzMjAzOSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOemcwTURreE1qYzVOVGcwTnpnak1qTXpNREl3T0Rjek5qa3hPRGczTkE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLpBd1iIBQGYBQCgBbGBsayX7ouFXsAFAMkFAAUBFPA_0gUJCQULQAAAANgFAeAFAfAFvuMB-gUEAVwokAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfKygXSBw0VZQEmCNoHBgFetBgA4AcA6gcCCADwB42FhwOKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=8e415fde3fbe16ac7f851f3631ed7cdab89e4f61&pp=ZT8zvQALjvUE0btsAAwBVomwxBpoVESJ_fsjPQ&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHdCdvTM_ZfWdLuz2xtYP1oKwmATS4Nfgbo-ktpOTCsCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTM5MDcyNjA2MjgxNTI4MTjIAQmoAwHIAwKqBN0BT9B_618LwvMuRKc_ECb1aQI6EZcYvs8gVJxy9ezyhpDahVPVcSHetl9gRFfa8ycHkLkOspKOLyCLd3E-AaxIxQsYMIIAVbmGUQNi09l3cAE-O8XxDEWnQ2UlZnI5s2wy4GJxwPMGLo46hCIH5hZz6Y07uPQ8fuGJREIAhxe7ZGHbPvQOg876EMQVeR30ZrGJv0EFMZfxARloDIfBgB4r6q9e07jwa3zUTyFYKBW8SJJvINiJxKdA1zQ7GFiyKaJHxotRodNLsM9EHIlmm-K8KOMQ-R4xEnpx3yrF5emABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3EEkIMbAsd8JT6jcnirCKMPDpGlg%26client%3Dca-pub-3907260628152818%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.137 Fairfield, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:31 GMT
an-x-request-uuid: a5e0afad-523d-47af-833b-b907bc92c4f9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.246.195; 96.9.246.195; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
nym1-ib.adnxs.com/ Frame 5232 0
554 B 59ms
58ms Ping
text/html 68.67.160.137
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.freedidi.com%2F9982.html&e=wqT_3QKnB-inAwAAAwDWAAUBCL3n_KkGEIeUiqGd9a_mVBgAKjYJ0ENwE8bzoD8RvWoYnZRxoD8ZAAAAgOtR8D8hvQ0SACkRJNAxAAAAIIXrsT8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4ysoFgAEBigEDVVNEkgUG8PWYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCImh0dHBzOi8vd3d3LmZyZWVkaWRpLmNvbS85OTgyLmh0bWyAAwCIAwGQAwCYAwmgAwGqA6wDCsICaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MzY0ZDQzNGMtOWY5MC00MTE5LTkyNjQtY2QwYzAwZTgwNWFkJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1WNyZvQWRVbmkVWxxwdWJsaXNoZQEoJDE2MjY0NTMzMCYBDgQzNopwALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YjYZAPDQX3B5dnB4cGJhc3Zlem5ndmJhJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNjExMDQ2OTUzMDU2NDMzMjAzOSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOemcwTURreE1qYzVOVGcwTnpnak1qTXpNREl3T0Rjek5qa3hPRGczTkE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLpBd1iIBQGYBQCgBbGBsayX7ouFXsAFAMkFAAUBFPA_0gUJCQULQAAAANgFAeAFAfAFvuMB-gUEAVwokAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfKygXSBw0VZQEmCNoHBgFetBgA4AcA6gcCCADwB42FhwOKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=8e415fde3fbe16ac7f851f3631ed7cdab89e4f61&type=nv&nvt=5&jm=1003&px=30&py=0&bw=160&bh=160&sid=2455652621327295147&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=220&ph=600&ww=220&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.137 Fairfield, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:31 GMT
an-x-request-uuid: 8df99966-0be5-47cc-b44f-a25109772e4e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.246.195; 96.9.246.195; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5047 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53f59017c9bc83993ef4607dd4861a5a1a646865b98134fb2a0f9a701814faef

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 5892 2 KB
825 B 53ms
52ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:11:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 04:11:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame 5892 23 KB
9 KB 52ms
51ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:11:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 04:11:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 5892 3 KB
1 KB 61ms
58ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:11:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 04:11:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 5892 20 KB
8 KB 61ms
59ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:11:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1735
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 04:11:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5892 187 KB
59 KB 96ms
95ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Oct 2023 04:40:31 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 5892 36 KB
15 KB 56ms
54ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 00:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 16:29:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 00:37:17 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 85DC
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBzNwC1spegN1gymD0PMjeQ&google_cver=1&google_push=AXcoOmRGHJnPSRqnqhgYppoFwHRY0qSZIQOD60MsCVodwLO-EP2qEt1Kg--CYiRU6duPKqFMCvsrrSjLMn057dYUUNa6IuGcrArC7...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBzNwC1spegN1gymD0PMjeQ&google_cver=1&google_push=AXcoOmRGHJnPSRqnqhgYppoFwHRY0qSZIQOD60MsCVodwLO-EP2qEt1Kg--CYiRU6duPKqFMCvsrrSjLMn057dYUUNa6IuGcrAr...

43 B
427 B

134ms
125ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBzNwC1spegN1gymD0PMjeQ&google_cver=1&google_push=AXcoOmRGHJnPSRqnqhgYppoFwHRY0qSZIQOD60MsCVodwLO-EP2qEt1Kg--CYiRU6duPKqFMCvsrrSjLMn057dYUUNa6IuGcrArC7Ug&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRGHJnPSRqnqhgYppoFwHRY0qSZIQOD60MsCVodwLO-EP2qEt1Kg--CYiRU6duPKqFMCvsrrSjLMn057dYUUNa6IuGcrArC7Ug%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=240&adk=160681226&adf=626423659&pi=t.aa~a.601257254~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698676241&rafmt=1&to=qs&pwprc=3889220726&format=300x240&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640830539&bpp=2&bdt=1933&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3fa451c4fe5cdaf%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_Ma_akyAxRRC9UvrsKGpW1OGmF6A9Q&gpic=UID%3D00000d9d9821ad12%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_MaPTj_E25uDkk2ACeGpVkCgNw4YWg&prev_fmts=0x0%2C1180x590%2C220x600%2C1200x280&nras=2&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=8fCMXJKRJe&p=https%3A//www.freedidi.com&dtd=104
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:31 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81e0fb0d9eb04bc1-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:31 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 4901
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBzNwC1spegN1gymD0PMjeQ&google_cver=1&google_push=AXcoOmRGHJnPSRqnqhgYppoFwHRY0qSZIQOD60MsCVodwLO-EP2qEt1Kg--CYiRU6duPKqFMCvsrrSjLMn057dYUUNa6IuGcrArC7Ug&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRGHJnPSRqnqhgYppoFwHRY0qSZIQOD60MsCVodwLO-EP2qEt1Kg--CYiRU6duPKqFMCvsrrSjLMn057dYUUNa6IuGcrArC7Ug%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81e0fb0c9e9f4bc1-BUF
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 85DC
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEDq4h-ktnwRlSlsvZB_rvVw&google_cver=1&google_push=AXcoOmRLm_eRHYl-8YU6-RN4vDy0_YviWiDYqdNKuGX4BGzM3NBwLqNtcpvbP7dseJjdsDWamAGt6...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRLm_eRHYl-8YU6-RN4vDy0_YviWiDYqdNKuGX4BGzM3NBwLqNtcpvbP7dseJjdsDWamAGt68ibKDCpS1dxW2WwXEj-n34HwA

170 B
232 B

96ms
94ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRLm_eRHYl-8YU6-RN4vDy0_YviWiDYqdNKuGX4BGzM3NBwLqNtcpvbP7dseJjdsDWamAGt68ibKDCpS1dxW2WwXEj-n34HwA

Requested by

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 30 Oct 2023 04:40:30 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: DC5D85222530487789B39C6A3311D345 Ref B: NYCEDGE1609 Ref C: 2023-10-30T04:40:31Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRLm_eRHYl-8YU6-RN4vDy0_YviWiDYqdNKuGX4BGzM3NBwLqNtcpvbP7dseJjdsDWamAGt68ibKDCpS1dxW2WwXEj-n34HwA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYI56Nc4EksnaMD4IXlmQ==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 85DC
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJ9EHF6BEjmyBY0LNm4MBI8&google_cver=1&google_push=AXcoOmRtmRaRAidqf-XWVFYNiiDUcF-UIf-UseGfLfIiCq38G88g6mCx4jGeD0hAJeA0R4-Xg6vpzxffWdeNmBZLEgFU...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJ9EHF6BEjmyBY0LNm4MBI8&google_cver=1&google_push=AXcoOmRtmRaRAidqf-XWVFYNiiDUcF-UIf-UseGfLfIiCq38G88g6mCx4jGeD0hAJeA0R4-Xg6vpzxffWdeNmB...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRtmRaRAidqf-XWVFYNiiDUcF-UIf-UseGfLfIiCq38G88g6mCx4jGeD0hAJeA0R4-Xg6vpzxffWdeNmBZLEgFUNQGICU11_Zs&google_hm=ciLQnGYBQMOkQubqS7xc...

170 B
232 B

93ms
92ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRtmRaRAidqf-XWVFYNiiDUcF-UIf-UseGfLfIiCq38G88g6mCx4jGeD0hAJeA0R4-Xg6vpzxffWdeNmBZLEgFUNQGICU11_Zs&google_hm=ciLQnGYBQMOkQubqS7xceg==

Requested by

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRtmRaRAidqf-XWVFYNiiDUcF-UIf-UseGfLfIiCq38G88g6mCx4jGeD0hAJeA0R4-Xg6vpzxffWdeNmBZLEgFUNQGICU11_Zs&google_hm=ciLQnGYBQMOkQubqS7xceg==
Date: Mon, 30 Oct 2023 04:40:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 85DC
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM6QXs6rzBhRz9dAO8A6Pe4&google_cver=1&google_push=AXcoOmRN9huT6BKSh-kig8oz7H98O1Yswbu1M87c_7d_hAwcih7kzH1W-GLYWt1fxUcmVJuQVLrqbl-N...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM6QXs6rzBhRz9dAO8A6Pe4&google_cver=1&google_push=AXcoOmRN9huT6BKSh-kig8oz7H98O1Yswbu1M87c_7d_hAwcih7kzH1W-GLYWt1fxUcmVJuQVLr...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE1ODY4NTMzNTIxMDE1Mjc1NQ&google_push=AXcoOmRN9huT6BKSh-kig8oz7H98O1Yswbu1M87c_7d_hAwcih7kzH1W-GLYWt1fxUcmVJuQVLrqbl...

170 B
232 B

96ms
93ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE1ODY4NTMzNTIxMDE1Mjc1NQ&google_push=AXcoOmRN9huT6BKSh-kig8oz7H98O1Yswbu1M87c_7d_hAwcih7kzH1W-GLYWt1fxUcmVJuQVLrqbl-NYI-3j16AEkkaAB77gfOYhjE

Requested by

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE1ODY4NTMzNTIxMDE1Mjc1NQ&google_push=AXcoOmRN9huT6BKSh-kig8oz7H98O1Yswbu1M87c_7d_hAwcih7kzH1W-GLYWt1fxUcmVJuQVLrqbl-NYI-3j16AEkkaAB77gfOYhjE
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 85DC
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHFZhiqozIzWWs--tIPQBFA&google_cver=1&google_push=AXcoOmQ1cEACcf6cFHYY3xgbOajrilOeJnM4TPjR7oKa_NTmHdJI5BOdzfpzFA1Q67Qijlo-fwzlwd0zLoyc...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi37iI-hsH7U_FRjo8B80uG5MW3gf5OxhIg&google_push=AXcoOmQ1cEACcf6cFHYY3xgbOajrilOeJnM4TPjR7oKa_NTmHdJI5BOdzfpzFA1Q67Qijlo-fwzlwd0zLo...

170 B
329 B

69ms
68ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi37iI-hsH7U_FRjo8B80uG5MW3gf5OxhIg&google_push=AXcoOmQ1cEACcf6cFHYY3xgbOajrilOeJnM4TPjR7oKa_NTmHdJI5BOdzfpzFA1Q67Qijlo-fwzlwd0zLoyclS0gvNJJlFOLWvCQPpk

Requested by

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi37iI-hsH7U_FRjo8B80uG5MW3gf5OxhIg&google_push=AXcoOmQ1cEACcf6cFHYY3xgbOajrilOeJnM4TPjR7oKa_NTmHdJI5BOdzfpzFA1Q67Qijlo-fwzlwd0zLoyclS0gvNJJlFOLWvCQPpk
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 85DC
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEL5x5CIdDfu23EuoXlVK2pw&google_cver=1&google_push=AXcoOmR6G91hKrikJDbsR_gFlJr7sJsOPT3BebUv_X2vbQ3iJjO6XToSM8Oe-W46pkxLrntFd8jW...
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEL5x5CIdDfu23EuoXlVK2pw&google_cver=1&google_push=AXcoOmR6G91hKrikJDbsR_gFlJr7sJsOPT3BebUv_X2vbQ3iJjO6XToSM8Oe-W46pkxLrn...
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=yCAyL0OcQCK920sMO6NIUA==&no_redirect=1&google_push=AXcoOmR6G91hKrikJDbsR_gFlJr7sJsOPT3BebUv_X2vbQ3iJjO6XT...

170 B
232 B

58ms
56ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=yCAyL0OcQCK920sMO6NIUA==&no_redirect=1&google_push=AXcoOmR6G91hKrikJDbsR_gFlJr7sJsOPT3BebUv_X2vbQ3iJjO6XToSM8Oe-W46pkxLrntFd8jWf6n8Il8lZczsVAlJYvnaIPXsK7qc

Requested by

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=yCAyL0OcQCK920sMO6NIUA==&no_redirect=1&google_push=AXcoOmR6G91hKrikJDbsR_gFlJr7sJsOPT3BebUv_X2vbQ3iJjO6XToSM8Oe-W46pkxLrntFd8jWf6n8Il8lZczsVAlJYvnaIPXsK7qc
date: Mon, 30 Oct 2023 04:40:31 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 85DC
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEPl2kZukwqV58fisN2Cd8IQ?ext-param=AXcoOmQg8fF0LNxHSUkyWuHvBT0QJ0DVHQ7xLwhEaXHsU3YDXNGWoFHb9pbZYIb0OXBBuuPHGTvy7Ojhz_NchbnU7-kh-d5gcT4IHx8d&partner-tag=yandex_...
https://an.yandex.ru/mapuid/google/CAESEPl2kZukwqV58fisN2Cd8IQ?redir-setuniq=1&ext-param=AXcoOmQg8fF0LNxHSUkyWuHvBT0QJ0DVHQ7xLwhEaXHsU3YDXNGWoFHb9pbZYIb0OXBBuuPHGTvy7Ojhz_NchbnU7-kh-d5gcT4IHx8d&par...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEPl2kZukwqV58fisN2Cd8IQ&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

181ms
180ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 14 Oct 2024 04:40:32 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 85DC 0
130 B 177ms
61ms Image
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqG1bBNcGGBDP1umz-csdMApqCoOJrHNKgs17Ku_nDyRtaVchFyKEA5AARXM5M-c1ohQwowY0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 8a6c58a25e971cfbc194f00dd2aa8ad4.js Show response
www.gstatic.com/mysidia/ Frame DD84 9 KB
4 KB 220ms
208ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8a6c58a25e971cfbc194f00dd2aa8ad4.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=90&adk=3921313794&adf=1937372392&pi=t.aa~a.2849377179~rp.4&w=1180&fwrn=1&fwrnh=100&lmt=1698676241&rafmt=1&to=qs&pwprc=3889220726&format=1180x90&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640830539&bpp=1&bdt=1933&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3fa451c4fe5cdaf%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_Ma_akyAxRRC9UvrsKGpW1OGmF6A9Q&gpic=UID%3D00000d9d9821ad12%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_MaPTj_E25uDkk2ACeGpVkCgNw4YWg&prev_fmts=0x0%2C1180x590%2C220x600%2C1200x280%2C300x240&nras=3&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=UDfxRXMur8&p=https%3A//www.freedidi.com&dtd=115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0667e955cab54a1fb06cfc1746d31f4b4c5ec474132f2392e866eeea1869c767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 284199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3907
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 16:29:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 Jan 2024 21:43:52 GMT

GET
H2 200 281c723aa683930efadfba50222cf93a.js Show response
www.gstatic.com/mysidia/ Frame DD84 11 KB
5 KB 213ms
202ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/281c723aa683930efadfba50222cf93a.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6230d463437f9f212ff5a23e3242981dbb9a3d79711a688f1651d35d08990f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 19:44:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 550573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4593
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 21:06:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 19:44:18 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame DD84 2 KB
825 B 44ms
42ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:11:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 04:11:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame DD84 23 KB
9 KB 45ms
44ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:11:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 04:11:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame DD84 3 KB
1 KB 42ms
39ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:11:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 04:11:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame DD84 20 KB
8 KB 132ms
123ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:11:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1735
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 04:11:36 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DD84 0
0 202ms
194ms Image
text/html 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQEzqDzElvEQO3ui9nVgdCPkIgkFuU49mpEUpNp1KU9wZ1-lKXoM85_0ltRdyKJiqOxM2g2T-SEIAmI9oqAs_8Bs2rUg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=90&adk=3921313794&adf=1937372392&pi=t.aa~a.2849377179~rp.4&w=1180&fwrn=1&fwrnh=100&lmt=1698676241&rafmt=1&to=qs&pwprc=3889220726&format=1180x90&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640830539&bpp=1&bdt=1933&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3fa451c4fe5cdaf%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_Ma_akyAxRRC9UvrsKGpW1OGmF6A9Q&gpic=UID%3D00000d9d9821ad12%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_MaPTj_E25uDkk2ACeGpVkCgNw4YWg&prev_fmts=0x0%2C1180x590%2C220x600%2C1200x280%2C300x240&nras=3&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=UDfxRXMur8&p=https%3A//www.freedidi.com&dtd=115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD84 187 KB
59 KB 96ms
89ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Oct 2023 04:40:31 GMT

GET
H3 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame DD84 36 KB
15 KB 49ms
41ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 00:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 16:29:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 00:37:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5047 0
19 B 70ms
66ms Image
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cd1BvvjM_ZaigKvHHxtYPw6OQ4AOcge-wXKqbqap0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMzkwNzI2MDYyODE1MjgxOMgBCagDAcgDAqoE4wFP0IjvRzZ9n8BRsuy-N3uB352EimhjdnFfiTYMSs782Qm0aSv_Rve095Y7wyAZFY3auBm2lh4iekE1c-W9L2OxQD-QcoyFymgsnaVJ52lF67zLPq6-78mZKKGtxxzHVtuQlS0yGxQE_dH6hQv-uS-mVxiBPcQNCy9gvDzT9qmjqI1jdU6n-o6D4rDpwWYn8tEi_Rmn28pZCf-diA-qcIax8gq6kHi_zdVsYCHXXeB_cd_xviiigLTG1EepbzOR4MH5ESNaoPvZgGhN_EwX5U2x97eG4bPIQTLi5X4cwihjNXfHUIAGpaLYz_-s-ujtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzkwNzI2MDYyODE1MjgxOBgA&sigh=NjEK-AtHPHY&uach_m=[UACH]&cid=CAQSPADICaaNxQfcvC52a-VRWiELYUxzfOmZoe6snAQn_j4MNCKH8_YWPNIqezbhAKupKpNVspCXtQyQWN3BfhgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=240&adk=160681226&adf=626423659&pi=t.aa~a.601257254~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698676241&rafmt=1&to=qs&pwprc=3889220726&format=300x240&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640830539&bpp=2&bdt=1933&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3fa451c4fe5cdaf%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_Ma_akyAxRRC9UvrsKGpW1OGmF6A9Q&gpic=UID%3D00000d9d9821ad12%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_MaPTj_E25uDkk2ACeGpVkCgNw4YWg&prev_fmts=0x0%2C1180x590%2C220x600%2C1200x280&nras=2&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=8fCMXJKRJe&p=https%3A//www.freedidi.com&dtd=104
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 30 Oct 2023 04:40:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 5047 0
126 B 478ms
57ms Image
text/plain 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kMOwGM36RKwC8AHiIp0XAgAAADqGr-H47XI-EL0zP2V_e7f2dfTnBZ9YAAASAAAKCkFRVUJDZ0VCQ2c&wp=ZT8zvgAKkCgE0aPxAAQRw8Gxy7Dydq7DZRd69Q&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:31 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 179025
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 84D6 2 KB
1 KB 165ms
47ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZT8zvgAKkCgE0aPxAAQRw8Gxy7Dydq7DZRd69Q&u=%7CbSeKvK0WIlefMXJd73DV0dQGo%2Bxzauu3NNNjPRU%2Fgds%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989qYxMuTT2xEjM0SlPNkBp1w7xRV07GhHiGkG9JeimBj_2CTcNVvPV3crBPwcj_1YryGry7UPVV6bo4pcAtVK6BVzTRjfBml0tb1iVm3q5_zecUJgG5OZ7PkWGLCpkL_OlR0dTUpDHlFfMh8pUcg52mUxQDEPO_Lop_IOUWPi5pHnXKa3vImaouK_yNPjlhPQxZII0xdbkbXzOx4YORSiy8K33JtSGWIL5H073IsWYEar26vYkx0Xj-F8cgKJYiBFMg5LEVPHx7o3Bh2f8Wij6PYCvsA0QkSC9SN7wxKg3WVPnn3W9xLjhL-lY2LEsRXBbvYXMBcsuHAzk8rb2xBFWkSodx5tfmROrcWMLXMr6ERNtbrdxWfnCZW6xMqUqSLRbrqsyXf5nomphvlIMqL--09EPtr1l4G47GXAIyeYs9A9tDgTd_yHV9Q7pL45NgFjmX0bnN1vX0aBrXP7Ud7nrU4pKUWEeNYclWt0mlB3keNknHeVerCocHkHyQ8p0_EZJVHxns3OKSc-e7c-wks1pz0sSo65pIMoJYXPYVdlDYUxcTRN9G1Wpmg8TIeK3_RtKw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR4RrvjM_ZaigKvHHxtYPw6OQ4AOcge-wXKqbqap0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMzkwNzI2MDYyODE1MjgxOMgBCagDAcgDAqoE5gFP0IjvRzZ9n8BRsuy-N3uB352EimhjdnFfiTYMSs782Qm0aSv_Rve095Y7wyAZFY3auBm2lh4iekE1c-W9L2OxQD-QcoyFymgsnaVJ52lF67zLPq6-78mZKKGtxxzHVtuQlS0yGxQE_dH6hQv-uS-mVxiBPcQNCy9gvDzT9qmjqI1jdU6n-o6D4rDpwWYn8tEi_Rmn28pZCf-diA-qcIax8gq6kHi_zdVsYCHXXeB_cd_xviiigLTG1EepbzORosPZg-XnS4FQa1eZcHXwQfy-376o-XdTskhrLMAC7jDi8eP-t1rQUoAGpaLYz_-s-ujtAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0OjPc-Wau7SAfpYVHEHKWN-LKONw%26client%3Dca-pub-3907260628152818%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 04:40:31 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 84D6 2 KB
1 KB 168ms
51ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 04:40:31 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 84D6 308 B
636 B 153ms
46ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 24 Oct 2024 04:40:31 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 84D6 293 B
621 B 156ms
49ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 24 Oct 2024 04:40:31 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 84D6 43 B
348 B 710ms
54ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=RAUUIZImb6r6NMtUY7CHwt5auXfPq6SZaE1y-Kidi5VVCDtodxBXjuO6_JyU3YC5IkN0dSy5sD2fMoKGdgziBYbIHvIvc4yZgVSjwbgKEeZtSCz8LAJG7Kd-iDUi8lR7hFAXFb03ouZj1UauCrS3RbNPzuyqUnhbt29EgZFj3GmeWEjBNFGwdNlwLRfqFG4QK-PJq4ffkqOeB-ei_xrRmdZkcIEx6auP1mksORoVQGXW24M-6HceaME52nF2yllEtaHK_UiWp6LuFmUucDOSjRvY3dOMfoUJgUHS3JUS4lmy65bbvFJwjHZIP-atiatO51vjDhwH7IEm__HGhwBg2iVboPG4rdz20Jjc1dg0AbqqaIKS34rrZyJ3bf3x0YViNikF46amxFvNm-mg5wWs4NvUp62sFo8UXlLR3L8SrEXYMVsx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3261622
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 84D6 12 KB
6 KB 116ms
44ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 04:40:31 GMT

GET
H3 200 EHo6i7O_0JOvtrr8dxlkDoYuw_rm2628d10tqmkoAl4.js Show response
pagead2.googlesyndication.com/bg/ Frame BDE1 38 KB
15 KB 65ms
63ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EHo6i7O_0JOvtrr8dxlkDoYuw_rm2628d10tqmkoAl4.js

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

107a3a8bb3bfd093afb6bafc7719640e862ec3fae6dbadbc775d2daa6928025e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 20:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15078
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Oct 2024 20:46:57 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 84D6 8 KB
8 KB 547ms
63ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=96&m=0&partner=102266&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F102266%2F4793735%2Ff9c2d9664fcd442e8122c7b802ba1714_logo_-_boston_brain_science.png&v=3&w=596&rid=4&s=PKl6cRhZtkaHnuOXPX-NdRgn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f6c9a46cfe68406c6d8b533f550cb1ab68497be16c40fb27e86315b0a41b98db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8223
expires: Wed, 02 Oct 2024 03:57:53 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 84D6 0
128 B 580ms
53ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=miEPp9rpaAmst3o-X0ivC72TyeeLMJRpTI_Qh_J6efeOzcps0V5a8jey3ZaUUyy2ToZzWUttwKYsZQRwITh7_6aHtcgsPqXt1Q3gOelu2niwg27Ux3q7D1itMNWcYJFsvrGV3Zw2_ae_24lCOw6zi0diZOxQYi8vj4BhxDH724BxGulfR0BcOkaCum9lVNHaMf0rYCP8BLdSTibUOBwY7Px9vOPdMbl16e9RbFohqMZEfna6Ikd0svJW8sNJBuR2F7Ad1A&sds=2&rev=89054&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 30 Oct 2023 04:40:31 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 84D6 2 KB
1 KB 63ms
61ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 04:40:31 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 84D6 2 KB
1 KB 67ms
65ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 04:40:31 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 02C2 143 B
166 B 54ms
50ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=90&adk=3921313794&adf=1937372392&pi=t.aa~a.2849377179~rp.4&w=1180&fwrn=1&fwrnh=100&lmt=1698676241&rafmt=1&to=qs&pwprc=3889220726&format=1180x90&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640830539&bpp=1&bdt=1933&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3fa451c4fe5cdaf%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_Ma_akyAxRRC9UvrsKGpW1OGmF6A9Q&gpic=UID%3D00000d9d9821ad12%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_MaPTj_E25uDkk2ACeGpVkCgNw4YWg&prev_fmts=0x0%2C1180x590%2C220x600%2C1200x280%2C300x240&nras=3&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=UDfxRXMur8&p=https%3A//www.freedidi.com&dtd=115
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 568
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 04:31:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2369 1 KB
643 B 52ms
51ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 15232
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 00:26:39 GMT
etag: 48472445140208031
expires: Tue, 31 Oct 2023 00:26:39 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

c.gif
www.bing.com/aes/ Frame 5232
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=77393372-8b51-4770-81ca-21369c66b783&bidId=15000&bidderId=4&cmExpId=V7&oAdUnit=391466&publisherId=162645330&rId=364d434c-9f90-4119-...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=95a8b4effae249a99889246c8873595a&tids=15000&med=10

0
260 B

79ms
77ms

Image
text/plain

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=95a8b4effae249a99889246c8873595a&tids=15000&med=10
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:31 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0ECE8BF89239439E9A7569A5AF7EB0BB Ref B: EWR311000101025 Ref C: 2023-10-30T04:40:32Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 30 Oct 2023 04:40:31 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B5A77287562F4B759AB96A18D9C8544E Ref B: EWR311000101025 Ref C: 2023-10-30T04:40:31Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=95a8b4effae249a99889246c8873595a&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 146
expires: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 62ms
61ms Image
image/gif 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=7.00037306992925

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-urjNAfxtefRedv_n5OGBrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-urjNAfxtefRedv_n5OGBrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 76ms
75ms Image
image/gif 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=10.748653471712913

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ms_6siWxjald-_foj4OLAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-ms_6siWxjald-_foj4OLAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame DD84 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05109b4c273a5b2f4a82ab1ec1af0d8b1d82288aed72f3ca1be4a1d76e8772fe

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 2369 35 B
464 B 203ms
57ms Image
image/gif 2620:116:800b:21:1456:d0e1:7db4:a56b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDuej10hQ1qAU7aYt4CDRIw&google_cver=1&google_push=AXcoOmQEzqFdmelL7Wf9mCa0P0ZDT7qVUyzumRF1BLBeK06gYaJQTa7JYzHoUDVEBG7jXmYkM8TVJqAMp1CrqVDAmXPWm6yVIaz1dLk

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:32 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2369
Redirect Chain

https://aep.mxptint.net/sn.ashx?google_gid=CAESEEjKOv6C2oRRtGVw8EuUEV0&google_cver=1&google_push=AXcoOmQPJx3RhPctl-2JjUuFgDP7T9I5YD4KlM9MlK_z52nR0ubpwoMVqUUT9-I04j-4DQw3NMmn1swioDbZXsbRaiopERKGbGsHBw
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQPJx3RhPctl-2JjUuFgDP7T9I5YD4KlM9MlK_z52nR0ubpwoMVqUUT9-I04j-4DQw3NMmn1swioDbZXsbRaiopERKGbGsHBw&google_hm=UjMzNjQ1XzEwQj...

170 B
188 B

71ms
67ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQPJx3RhPctl-2JjUuFgDP7T9I5YD4KlM9MlK_z52nR0ubpwoMVqUUT9-I04j-4DQw3NMmn1swioDbZXsbRaiopERKGbGsHBw&google_hm=UjMzNjQ1XzEwQjU4NEFEOV9DNzUxNTQ1OA%3D%3D

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQPJx3RhPctl-2JjUuFgDP7T9I5YD4KlM9MlK_z52nR0ubpwoMVqUUT9-I04j-4DQw3NMmn1swioDbZXsbRaiopERKGbGsHBw&google_hm=UjMzNjQ1XzEwQjU4NEFEOV9DNzUxNTQ1OA%3D%3D
Date: Mon, 30 Oct 2023 04:40:31 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-381645632; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 348
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2369
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGSjfDhvX-r3L7Tp8Axbxe4&google_cver=1&google_push=AXcoOmRJpbCreZedE2yl3ecJahwArRSHjblLZdc0rVDsJvxVD_I78MJsJeKYiAOd3q-3b8TM9t7B-2bbUgPQnEJHLi...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEGSjfDhvX-r3L7Tp8Axbxe4&google_cver=1&google_push=AXcoOmRJpbCreZedE2yl3ecJahwArRSHjblLZdc0rVDsJvxVD_I78MJsJeKYiAOd3q-3b8TM9t7B-2bbUgPQnEJHLi...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDgwMTg0OGQtNjcxYS00M2UzLTk1MWEtYjEzNDdlMjBkZGIy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d801848d-671a-43e3-951a-b1347e20ddb2

170 B
188 B

71ms
69ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDgwMTg0OGQtNjcxYS00M2UzLTk1MWEtYjEzNDdlMjBkZGIy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d801848d-671a-43e3-951a-b1347e20ddb2

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDgwMTg0OGQtNjcxYS00M2UzLTk1MWEtYjEzNDdlMjBkZGIy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d801848d-671a-43e3-951a-b1347e20ddb2
date: Mon, 30 Oct 2023 04:40:32 GMT
server: Kestrel
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2369
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESENW8qnT0ma2V0ckMfbrH_ZU&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YjVkZmFiMzgtMDgxMS00NTQ4LWI0ZGItNDk1OTIwNGI0ZWQ4&google_gid=CAESENW8qnT0ma2V0ckMfbrH_ZU&google_cver=1&google_push=AXcoOmRa...

170 B
188 B

75ms
72ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YjVkZmFiMzgtMDgxMS00NTQ4LWI0ZGItNDk1OTIwNGI0ZWQ4&google_gid=CAESENW8qnT0ma2V0ckMfbrH_ZU&google_cver=1&google_push=AXcoOmRaUbM5LLRK9789FQbk8aLkSadTb6bf347FRg38Iv1sP4b34avveLr8YgatkHLDmnA_UNzaXCKxkIma8Q_7Qd9quc2XZaY6bDA

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YjVkZmFiMzgtMDgxMS00NTQ4LWI0ZGItNDk1OTIwNGI0ZWQ4&google_gid=CAESENW8qnT0ma2V0ckMfbrH_ZU&google_cver=1&google_push=AXcoOmRaUbM5LLRK9789FQbk8aLkSadTb6bf347FRg38Iv1sP4b34avveLr8YgatkHLDmnA_UNzaXCKxkIma8Q_7Qd9quc2XZaY6bDA
date: Mon, 30 Oct 2023 04:40:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2369
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELE_wM2S6DPSJI38KWv7VFQ&google_cver=1&google_push=AXcoOmR1dENnm0tGy1XmLM_6h4rQeHPRu_jtfOgl1qW07d3zadCKHR3AQs7XAjHKRgNeJ2tyolWf8UZEHYsI...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi37iJf4TwgInJj5f5B52RH_GVGJ4HQJdag&google_push=AXcoOmR1dENnm0tGy1XmLM_6h4rQeHPRu_jtfOgl1qW07d3zadCKHR3AQs7XAjHKRgNeJ2tyolWf8UZEHY...

170 B
188 B

82ms
81ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi37iJf4TwgInJj5f5B52RH_GVGJ4HQJdag&google_push=AXcoOmR1dENnm0tGy1XmLM_6h4rQeHPRu_jtfOgl1qW07d3zadCKHR3AQs7XAjHKRgNeJ2tyolWf8UZEHYsIAYwcpC4Av8vwRrfXE-A

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi37iJf4TwgInJj5f5B52RH_GVGJ4HQJdag&google_push=AXcoOmR1dENnm0tGy1XmLM_6h4rQeHPRu_jtfOgl1qW07d3zadCKHR3AQs7XAjHKRgNeJ2tyolWf8UZEHYsIAYwcpC4Av8vwRrfXE-A
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2369
Redirect Chain

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEM53L-zbYSEYFv-fS8dR5OA&google_cver=1&google_push=AXcoOmTYJ6wnY0tju26r9SyDo1c4Xw6CdDEKaOiQAolMTl3_LBTrgaOUWxYNFMad0-1mz8c3sjAVE3yt25aqTmk...
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=MBLjUHie_Ue0H6K4BdzWsg&google_push=AXcoOmTYJ6wnY0tju26r9SyDo1c4Xw6CdDEKaOiQAolMTl3_LBTrgaOUWxYNFMad0-1mz8c3sjAVE3yt25aqTmk8vJqaHP9jO...

170 B
188 B

60ms
59ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=MBLjUHie_Ue0H6K4BdzWsg&google_push=AXcoOmTYJ6wnY0tju26r9SyDo1c4Xw6CdDEKaOiQAolMTl3_LBTrgaOUWxYNFMad0-1mz8c3sjAVE3yt25aqTmk8vJqaHP9jO3TnfmKb

Protocol

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=MBLjUHie_Ue0H6K4BdzWsg&google_push=AXcoOmTYJ6wnY0tju26r9SyDo1c4Xw6CdDEKaOiQAolMTl3_LBTrgaOUWxYNFMad0-1mz8c3sjAVE3yt25aqTmk8vJqaHP9jO3TnfmKb
Date: Mon, 30 Oct 2023 04:40:33 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 2369
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEES68UaCg_y...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YTQ3ODFjMmMtZDA1ZC00MjJkLTk1YjEtYTk5ZmExMDkyMzFh&google_push=AXcoOmSDY9DWOptCKwVmPL6CT28TP3I5j7vqSAa8y_5Y2MmWhOjXC-4lMURi8I_vl5YAc...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

92ms
91ms

Image
image/gif

69.192.109.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 69.192.109.215 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-109-215.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Mon, 30 Oct 2023 04:40:32 GMT
pragma: no-cache
date: Mon, 30 Oct 2023 04:40:32 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2369 0
12 B 50ms
49ms Image
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ij5YjCTg0qIhMi8uG2no5zWwfa-ZJkyEoatFZPWXCSUGb422ktWZYXRrB_FFwOD3qRnPQlQrs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame DD84
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CWJ6dvjM_ZeTYKt6BvPIPiJmUwAfP35zmc67J94viEdjxy_-kFBABIOHv_nhgye6Oi8CkjBCgAd3d_qAqyAEBqAMByAPDBKoE6gFP0E5agrBYccy50A6BKHbXQzQrtEt39hyjQ2gFfO8K0P_...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9444ce7b8b8ea4cf0000000000000000%22,%222%22:%220x101a0ca59ea9e0f90000000000000000%22,%223%22:%220xd305ce...

0
0

278ms
72ms

Fetch
text/css

142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9444ce7b8b8ea4cf0000000000000000%22,%222%22:%220x101a0ca59ea9e0f90000000000000000%22,%223%22:%220xd305ce15dfaff7d20000000000000000%22,%224%22:%220x6fefab11c17100a90000000000000000%22,%225%22:%220x4bc2c014231acfdc0000000000000000%22},%22debug_key%22:%227824100457745787964%22,%22debug_reporting%22:true,%22destination%22:%22https://xvxvsan.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211343474397%22],%224%22:[%2210-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210337435186575109553%22}&andc=true

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:32 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x9444ce7b8b8ea4cf0000000000000000","2":"0x101a0ca59ea9e0f90000000000000000","3":"0xd305ce15dfaff7d20000000000000000","4":"0x6fefab11c17100a90000000000000000","5":"0x4bc2c014231acfdc0000000000000000"},"debug_key":"7824100457745787964","debug_reporting":true,"destination":"https://xvxvsan.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11343474397"],"4":["10-30"],"6":["true"]},"priority":"500","source_event_id":"10337435186575109553"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 30 Oct 2023 04:40:32 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 30 Oct 2023 04:40:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9444ce7b8b8ea4cf0000000000000000","2":"0x101a0ca59ea9e0f90000000000000000","3":"0xd305ce15dfaff7d20000000000000000","4":"0x6fefab11c17100a90000000000000000","5":"0x4bc2c014231acfdc0000000000000000"},"debug_key":"7824100457745787964","debug_reporting":true,"destination":"https://xvxvsan.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11343474397"],"4":["10-30"],"6":["true"]},"priority":"500","source_event_id":"10337435186575109553"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 02C2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

71ms
68ms

Document
text/html

2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 04:40:32 GMT
expires: Mon, 30 Oct 2023 04:40:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 04:40:32 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 EHo6i7O_0JOvtrr8dxlkDoYuw_rm2628d10tqmkoAl4.js Show response
pagead2.googlesyndication.com/bg/ Frame A48E 38 KB
15 KB 42ms
41ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EHo6i7O_0JOvtrr8dxlkDoYuw_rm2628d10tqmkoAl4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

107a3a8bb3bfd093afb6bafc7719640e862ec3fae6dbadbc775d2daa6928025e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 20:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15078
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Oct 2024 20:46:57 GMT

POST
H3 204 AGSKWxV2hzsO0ozxInwMIYWkmDq5V56pLlVBX88j4oekGs9A_VNqKseanFGBqw963Siqqe0yTpVhDky6gr9Tqk1SZqBG3Fh3mw8LU2PBM06tBIDNoE79kbjf1P9wd3P4bi3hfQu1O_GC_Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 191ms
69ms XHR
text/html 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV2hzsO0ozxInwMIYWkmDq5V56pLlVBX88j4oekGs9A_VNqKseanFGBqw963Siqqe0yTpVhDky6gr9Tqk1SZqBG3Fh3mw8LU2PBM06tBIDNoE79kbjf1P9wd3P4bi3hfQu1O_GC_Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bQNqayxcSal8qMcY_QYQMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 30 Oct 2023 04:40:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bQNqayxcSal8qMcY_QYQMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.freedidi.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 205ms
71ms Preflight
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 30 Oct 2023 04:40:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5232 42 B
174 B 82ms
72ms Fetch
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRQ8NSLSDhGAOwWIfU2vOwFDDscWRDE3mRK8EKV530ZwbOfIW3CMKBbaZPic5tCQ0a2Y9FDNzhQHJSNKqP_09GRSMA__K2rb0PMLcc&sig=Cg0ArKJSzIUDb_E24YgeEAE&id=lidar2&mcvt=1033&p=0,0,600,160&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1871830121&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698640830322&rpt=734&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 vevent
nym1-ib.adnxs.com/ Frame 5232 0
554 B 99ms
92ms Ping
text/html 68.67.160.137
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.freedidi.com%2F9982.html&e=wqT_3QKnB-inAwAAAwDWAAUBCL3n_KkGEIeUiqGd9a_mVBgAKjYJ0ENwE8bzoD8RvWoYnZRxoD8ZAAAAgOtR8D8hvQ0SACkRJNAxAAAAIIXrsT8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4ysoFgAEBigEDVVNEkgUG8PWYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCImh0dHBzOi8vd3d3LmZyZWVkaWRpLmNvbS85OTgyLmh0bWyAAwCIAwGQAwCYAwmgAwGqA6wDCsICaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MzY0ZDQzNGMtOWY5MC00MTE5LTkyNjQtY2QwYzAwZTgwNWFkJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1WNyZvQWRVbmkVWxxwdWJsaXNoZQEoJDE2MjY0NTMzMCYBDgQzNopwALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YjYZAPDQX3B5dnB4cGJhc3Zlem5ndmJhJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNjExMDQ2OTUzMDU2NDMzMjAzOSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOemcwTURreE1qYzVOVGcwTnpnak1qTXpNREl3T0Rjek5qa3hPRGczTkE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLpBd1iIBQGYBQCgBbGBsayX7ouFXsAFAMkFAAUBFPA_0gUJCQULQAAAANgFAeAFAfAFvuMB-gUEAVwokAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfKygXSBw0VZQEmCNoHBgFetBgA4AcA6gcCCADwB42FhwOKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=8e415fde3fbe16ac7f851f3631ed7cdab89e4f61&type=pv&jm=1003&px=30&py=0&bw=160&bh=160&sf=1&sid=2455652621327295147&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.137 Fairfield, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 04:40:32 GMT
an-x-request-uuid: d4ca470a-e65a-4d83-885e-f93558f20e84
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.246.195; 96.9.246.195; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 83ms
82ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231025&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6abd0b83d9a0af9389df5a018837397504b0d9e968a7e0c9eccbdf1c0f75594e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12231
x-xss-protection: 0

POST
H3 204 rum Show response
www.freedidi.com/cdn-cgi/ 0
142 B 83ms
60ms XHR
text/plain 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.freedidi.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.freedidi.com/9982.html
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type: application/json

Response headers

date: Mon, 30 Oct 2023 04:40:32 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.freedidi.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 81e0fb11fd034bcd-BUF

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 82ms
82ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 30 Oct 2023 04:40:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6D77 13 KB
5 KB 59ms
54ms Document
text/html 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1722
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 04:11:50 GMT
expires: Tue, 29 Oct 2024 04:11:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A105 829 B
560 B 76ms
74ms Document
text/html 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3dce8644a63c0632c209ba4ad92fb8600c116c9dd995e9710ade49c29d663d18

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ya2u5WLlW7C8GQxsbL5lHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.freedidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Ya2u5WLlW7C8GQxsbL5lHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 04:40:32 GMT
expires: Mon, 30 Oct 2023 04:40:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A105 0
0 64ms
63ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231025&jk=811607028370533&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D77 38 KB
15 KB 43ms
42ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 01:26:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Oct 2024 01:26:44 GMT

GET
H3 200 ads.asp Show response
fundingchoicesmessages.google.com/f/AGSKWxU-2YDvOhcpJQRKnS2LH5BDi-uD50lW_VR5S79Lx3EBKn9KugKwj91w5P-M_5YqLn3NEAieSFPXPcT-9yMuG3oU_veqyOk713yv1wCOtNNntTDbNDeid17sCidDhVGk6Bi5hmvrwBoYrAqrGINDzPArXgifN... 54 B
109 B 67ms
65ms Script
application/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU-2YDvOhcpJQRKnS2LH5BDi-uD50lW_VR5S79Lx3EBKn9KugKwj91w5P-M_5YqLn3NEAieSFPXPcT-9yMuG3oU_veqyOk713yv1wCOtNNntTDbNDeid17sCidDhVGk6Bi5hmvrwBoYrAqrGINDzPArXgifNozPx4b4lA97pZU7PSIenYMLM6yBPSnR/_/ads.asp?&video_ads_/nb/avanti./vert_ad./adnow-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lxJYWa8TJIo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwryr7cjqO_6tKsVk9VNlc2UqQw_w/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

675ef7de6f5ed2aeffae3ef06edb98d64760ff4ca5d383ab99ef06e4bbdd3744

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TKcHlWpE08Yo1AA6rnVcZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-TKcHlWpE08Yo1AA6rnVcZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 83 KB
30 KB 47ms
45ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ddeff58be43487e7a1f37342ec1694791ac54a1bc3c5d09d24a918cf7ffc882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:34:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30417
x-xss-protection: 0
server: cafe
etag: 13571002494190059452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 05:34:13 GMT

POST
H3 204 AGSKWxV2hzsO0ozxInwMIYWkmDq5V56pLlVBX88j4oekGs9A_VNqKseanFGBqw963Siqqe0yTpVhDky6gr9Tqk1SZqBG3Fh3mw8LU2PBM06tBIDNoE79kbjf1P9wd3P4bi3hfQu1O_GC_Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 68ms
68ms XHR
text/html 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV2hzsO0ozxInwMIYWkmDq5V56pLlVBX88j4oekGs9A_VNqKseanFGBqw963Siqqe0yTpVhDky6gr9Tqk1SZqBG3Fh3mw8LU2PBM06tBIDNoE79kbjf1P9wd3P4bi3hfQu1O_GC_Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cmcbFsaDZFC_-0qAaBgZ5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 30 Oct 2023 04:40:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-cmcbFsaDZFC_-0qAaBgZ5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.freedidi.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV2hzsO0ozxInwMIYWkmDq5V56pLlVBX88j4oekGs9A_VNqKseanFGBqw963Siqqe0yTpVhDky6gr9Tqk1SZqBG3Fh3mw8LU2PBM06tBIDNoE79kbjf1P9wd3P4bi3hfQu1O_GC_Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 69ms
67ms XHR
text/html 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV2hzsO0ozxInwMIYWkmDq5V56pLlVBX88j4oekGs9A_VNqKseanFGBqw963Siqqe0yTpVhDky6gr9Tqk1SZqBG3Fh3mw8LU2PBM06tBIDNoE79kbjf1P9wd3P4bi3hfQu1O_GC_Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0cGSI92AbLd8tjR1Hxt1tQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 30 Oct 2023 04:40:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0cGSI92AbLd8tjR1Hxt1tQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.freedidi.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV2hzsO0ozxInwMIYWkmDq5V56pLlVBX88j4oekGs9A_VNqKseanFGBqw963Siqqe0yTpVhDky6gr9Tqk1SZqBG3Fh3mw8LU2PBM06tBIDNoE79kbjf1P9wd3P4bi3hfQu1O_GC_Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 154ms
153ms XHR
text/html 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV2hzsO0ozxInwMIYWkmDq5V56pLlVBX88j4oekGs9A_VNqKseanFGBqw963Siqqe0yTpVhDky6gr9Tqk1SZqBG3Fh3mw8LU2PBM06tBIDNoE79kbjf1P9wd3P4bi3hfQu1O_GC_Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KtQISdSLXuTbw7k6iAHCRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 30 Oct 2023 04:40:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KtQISdSLXuTbw7k6iAHCRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.freedidi.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV2hzsO0ozxInwMIYWkmDq5V56pLlVBX88j4oekGs9A_VNqKseanFGBqw963Siqqe0yTpVhDky6gr9Tqk1SZqBG3Fh3mw8LU2PBM06tBIDNoE79kbjf1P9wd3P4bi3hfQu1O_GC_Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 157ms
156ms XHR
text/html 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV2hzsO0ozxInwMIYWkmDq5V56pLlVBX88j4oekGs9A_VNqKseanFGBqw963Siqqe0yTpVhDky6gr9Tqk1SZqBG3Fh3mw8LU2PBM06tBIDNoE79kbjf1P9wd3P4bi3hfQu1O_GC_Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FTrQ31pEz8cZyenl9MNawQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 30 Oct 2023 04:40:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FTrQ31pEz8cZyenl9MNawQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.freedidi.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWdJSBQc_EVyYevYgc8Zay8EtOxcBHsstt2UXgyIgOyq9WffO82OI9xKl43RJ7ewMi5Xg_ScOxFQnp4XWDr1TGItvGxgh06H_6WVyS6X8s0W8wW86F4KDYA2qggvjR38MqHo9j5BQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 84ms
83ms Script
application/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWdJSBQc_EVyYevYgc8Zay8EtOxcBHsstt2UXgyIgOyq9WffO82OI9xKl43RJ7ewMi5Xg_ScOxFQnp4XWDr1TGItvGxgh06H_6WVyS6X8s0W8wW86F4KDYA2qggvjR38MqHo9j5BQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4NjQwODMyLDc4MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmZyZWVkaWRpLmNvbS85OTgyLmh0bWwiLG51bGwsW1s4LCJseEpZV2E4VEpJbyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3ff625f1cf77b2fc73d6b692ecfe77b75ad622478826dffaa611ae7a72d8d57

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R2K1eBLV9Pak9rNKRWsFcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-R2K1eBLV9Pak9rNKRWsFcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6D77 0
10 B 48ms
47ms Image
text/plain 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DIKdfg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 AGSKWxVMPDG3Qa2zbCBLsib85hUoAegVs2JSiPdsNpw-5HdHLjyJdDZpwdGKnuRtqmtkCGBMpRsh4xHZ078Nx4E-SXho4_M4oPOAS93xJO9rN9B_y22dGZEjMS8Q76iwclX6hLFbc-KFvw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 85ms
84ms Script
application/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVMPDG3Qa2zbCBLsib85hUoAegVs2JSiPdsNpw-5HdHLjyJdDZpwdGKnuRtqmtkCGBMpRsh4xHZ078Nx4E-SXho4_M4oPOAS93xJO9rN9B_y22dGZEjMS8Q76iwclX6hLFbc-KFvw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4NjQwODMyLDg4NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuZnJlZWRpZGkuY29tLzk5ODIuaHRtbCIsbnVsbCxbWzgsImx4SllXYThUSklvIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc1ae28b57771ff8398b6b57c333ee7f617293176450c2377766a23b1e515cb0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-S-k1bOxNJy1rUdvMwYKGWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 04:40:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-S-k1bOxNJy1rUdvMwYKGWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU3brAtxdLEY5sI4MPoYqpGoERyDf2jnX6g3ay18_0nKWgMLQyxGgi7hV1OxAaW25HqCehf1Xc4n8eM7xMrmAH9rqG3q79TAcuiEcqMuY1OjDnhJ1b1mu8Mw09yzqx32Rjv2CZmdg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 75ms
75ms XHR
text/html 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU3brAtxdLEY5sI4MPoYqpGoERyDf2jnX6g3ay18_0nKWgMLQyxGgi7hV1OxAaW25HqCehf1Xc4n8eM7xMrmAH9rqG3q79TAcuiEcqMuY1OjDnhJ1b1mu8Mw09yzqx32Rjv2CZmdg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5O2Xw3Wq8L8-l-lc8x9Ktg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 30 Oct 2023 04:40:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5O2Xw3Wq8L8-l-lc8x9Ktg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.freedidi.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV2hzsO0ozxInwMIYWkmDq5V56pLlVBX88j4oekGs9A_VNqKseanFGBqw963Siqqe0yTpVhDky6gr9Tqk1SZqBG3Fh3mw8LU2PBM06tBIDNoE79kbjf1P9wd3P4bi3hfQu1O_GC_Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 87ms
86ms XHR
text/html 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV2hzsO0ozxInwMIYWkmDq5V56pLlVBX88j4oekGs9A_VNqKseanFGBqw963Siqqe0yTpVhDky6gr9Tqk1SZqBG3Fh3mw8LU2PBM06tBIDNoE79kbjf1P9wd3P4bi3hfQu1O_GC_Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-t81QG78sGcaG7X89iWzGfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 30 Oct 2023 04:40:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-t81QG78sGcaG7X89iWzGfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.freedidi.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 66ms
65ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231025&jk=811607028370533&bg=!UVKlUh3NAAbo5yKYyOc7ADQBe5WfOCnTTwjSOkgtzrI-_0-2PO4f46duyDsHxgp3pHdlhIN2X__kWTSkgR-wm1mCqSnMAgAAAMhSAAAAC2gBB5kCuvDfzd9FFl7Rv3obGGAnJFMx00BX25jqW2N7TQ5rK56uGzq6mD7Dce54qIsgZZZ_ZsF4Mh8Jb2SJ8sLM351HA4ynEoF0vaiQWIHWLNlV5EgyJV1AASlLaKkq7j0CP3w1fo3bNmdGJgLpN4674Se4hPDaolwsFG-K8ahhoH6B2jIOSxuQwSzOb9Ynx46D4W3UDLcMLan21IwCF0D2LbW8JIDXo6QdMcDM0pN536Vi3y-1zGZuOBSV_8LWT9rAtH0neXiH7A7PWlzVEvTv9_ZUBNtcrYbJG1kamDZFJ4SICv3Vfox9SsoseJc6azvSGIb0J3jhc4FVMexWvzcy_Qj7Flwtfq6G2Qs9Ekx-wB_P9AaGn4zw-IlxBDBuHcq2_R5tIeeoS56sOgfpJUOReyuqu0K6e4TsC7bqVTs6j9K4dM5Q1zjEjjxj5AEkS_TU-Rz7RTiPvfwUlVuwsQ6IcFOP_TSCA482ExF3eSGLCQQnRZhewM7unwu1ygK3lAkmOxC8Nspi-dWql5MLzn9NP7f9wVi-2_hsx3ATxErkDt9spv8INjMGzYENXVB82AVnTyZ1vpP2o7nJLYDmb1nQJlLg-iMW6HE4mqSqUEBUp65kauEcj__xnwa-urYFfTFJo42Jgp2zoTENl9jxdERq_l_itrxAeX5TxYRB94207jliEGKDEe3RNAkI_1ahmvE5vXMo-0_L4vjlM3sEJqEYl7Km5jNOc10mdOf8s8FOFkzNxNB_dvZHwB179QyjyjVjt_qkDqPuI7G8hehNoStc7hlL20m-ViE8sR1CWkTg0xlTAIBASBHW_r1AH-tAO39Pcqlp87U4g2Za5_F8Zby07KGLiOinTxyb9L7BYtzd_F3mm0y7RSz-2GINJzJHnwXtvSIzW8kpEQR_5oRrwb15HSbK9ctTlkfcBaAnrQwS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.freedidi.com/	1970-01-21 00:36:16	Name: cf_clearance Value: HXV2UroWgYqJ8a.5HZecyBnm9GgD4syY1QSTwvgboIE-1698640829-0-1-a8e193de.7acdd14b.5bfad841-0.2.1698640829
.freedidi.com/	1970-01-21 01:12:16	Name: __gads Value: ID=d3fa451c4fe5cdaf:T=1698640829:RT=1698640829:S=ALNI_Ma_akyAxRRC9UvrsKGpW1OGmF6A9Q
.freedidi.com/	1970-01-21 01:12:16	Name: __gpi Value: UID=00000d9d9821ad12:T=1698640829:RT=1698640829:S=ALNI_MaPTj_E25uDkk2ACeGpVkCgNw4YWg
.bing.com/	1970-01-21 01:12:16	Name: MUID Value: 399EB820589F620E1EA0AB9A59F863BF
.doubleclick.net/	1970-01-21 01:26:40	Name: IDE Value: AHWqTUl0Uuo3H_PquuDPHp-_PbtZUqt17YW8YVG_J7ym0H0rhOLyQYRU75dODqBrgq0
.onetag-sys.com/	1970-01-21 01:20:27	Name: OTP Value: Zp4uRQm3HVf0IUlpNSXim8P6UX8sBDh67X0zJFLVEe8
.adform.net/	1970-01-20 16:35:19	Name: C Value: 1
.bidswitch.net/	1970-01-21 00:36:16	Name: tuuid Value: 7222d09c-6601-40c3-a442-e6ea4bbc5c7a
.bidswitch.net/	1970-01-21 00:36:16	Name: c Value: 1698640831
.bidswitch.net/	1970-01-21 00:36:16	Name: tuuid_lu Value: 1698640831
.mfadsrvr.com/	1970-01-21 01:26:40	Name: tuuid Value: c820322f-439c-4022-bddb-4b0c3ba34850
.mfadsrvr.com/	1970-01-21 01:26:40	Name: c Value: 1698640831
.mfadsrvr.com/	1970-01-21 01:26:40	Name: tuuid_lu Value: 1698640831
.adform.net/	1970-01-20 17:17:04	Name: uid Value: 9158685335210152755
.linkedin.com/	1970-01-21 00:36:16	Name: bcookie Value: "v=2&d8fcdb77-9dae-4d56-84fc-f2ff261dd61e"
.linkedin.com/	1970-01-20 15:52:07	Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2872:u=1:x=1:i=1698640831:t=1698727231:v=2:sig=AQHVaoGR4whIjzL7cd23CviCIu7i5tD1"
.bidswitch.net/	1970-01-20 15:50:41	Name: google_push Value: AXcoOmRtmRaRAidqf-XWVFYNiiDUcF-UIf-UseGfLfIiCq38G88g6mCx4jGeD0hAJeA0R4-Xg6vpzxffWdeNmBZLEgFUNQGICU11_Zs
.mfadsrvr.com/	1970-01-21 01:26:40	Name: ssh Value: !google,1698640831
.tribalfusion.com/	1970-01-20 18:00:16	Name: ANON_ID Value: aQntmIo0P8fCmTN82fURD7ublZb73nUAGqRWAxu5J1JZby5d7k3UBcKZdXbuDtkZdZdZb3t9k8GqWFEZd4oTe0TJaA1PuGr
.yandex.ru/	1970-01-21 01:26:40	Name: yuidss Value: 3490047261698640831
.yandex.ru/	1970-01-21 01:26:40	Name: yandexuid Value: 3490047261698640831
.mxptint.net/	1970-01-21 01:26:40	Name: mxpim Value: R33645_10B584AD9_C7515458.1.653F33C0
.doubleclick.net/	1970-01-20 15:50:44	Name: DSID Value: NO_DATA
.inmobi.com/	1970-01-20 18:00:16	Name: idsp_c Value: b5dfab38-0811-4548-b4db-4959204b4ed8
.quantserve.com/	1970-01-20 18:00:16	Name: d Value: EBUBCQGnKoEA
.quantserve.com/	1970-01-21 01:20:55	Name: mc Value: 653f33c0-2295e-04a09-3d789
.adsrvr.org/	1970-01-21 00:37:43	Name: TDID Value: d801848d-671a-43e3-951a-b1347e20ddb2
.adsrvr.org/	1970-01-21 00:37:43	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI-PD0oIzDrDwQBRgFIAEoAjILCNqKoM2iw6w8EAU4AQ..
.teads.tv/	1970-01-21 00:34:50	Name: tt_viewer Value: a4781c2c-d05d-422d-95b1-a99fa109231a
.googleadservices.com/	1970-01-20 18:00:16	Name: ar_debug Value: 1
.freedidi.com/	1970-01-21 00:36:16	Name: FCNEC Value: %5B%5B%22AKsRol_i5B7lGpDxhA-RNgebY87UNw9VE66j18I_zcpJATExD7GSoKx-tXPmw-8SGzySHE5pJmNItadDmzqbdkXXc9DaOY22nsds_ZRXT33fA6AfdTaxPRrv4hLI_hbJWlWQtetVDFJ6B06jN9dOwbBSUE5xNK3PGg%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
beacon.lynx.cognitivlabs.com/	1970-01-21 00:37:43	Name: UID Value: 50e31230-9e78-47fd-b41f-a2b805dcd6b2
beacon.lynx.cognitivlabs.com/	1970-01-21 00:37:43	Name: ss Value: DRMYfdDWT4EfJxsbNJ9xlWLd%2B%2BJtFCpJFmY8dpdAtfx6vaq4P8d8jX2auT2R3xP00WC5lSnjlzuVJ8Cr43QtKg%3D%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=240&adk=160681226&adf=626423659&pi=t.aa~a.601257254~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698676241&rafmt=1&to=qs&pwprc=3889220726&format=300x240&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698640830539&bpp=2&bdt=1933&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3fa451c4fe5cdaf%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_Ma_akyAxRRC9UvrsKGpW1OGmF6A9Q&gpic=UID%3D00000d9d9821ad12%3AT%3D1698640829%3ART%3D1698640829%3AS%3DALNI_MaPTj_E25uDkk2ACeGpVkCgNw4YWg&prev_fmts=0x0%2C1180x590%2C220x600%2C1200x280&nras=2&correlator=1881258287801&frm=20&pv=1&ga_vid=1487215949.1698640830&ga_sid=1698640830&ga_hid=5260425&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079083%2C44805931%2C44806738%2C31078301&oid=2&pvsid=811607028370533&tmod=2078831252&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=8fCMXJKRJe&p=https%3A//www.freedidi.com&dtd=104 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ads.us.criteo.com
adsdk.microsoft.com
aep.mxptint.net
an.yandex.ru
beacon.lynx.cognitivlabs.com
c1.adform.net
cat.va.us.criteo.com
cdn.adnxs.com
cm.g.doubleclick.net
cms.quantserve.com
csm.us.criteo.net
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
imageproxy.us.criteo.net
match.adsrvr.org
mweb.ck.inmobi.com
nym1-ib.adnxs.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
px.ads.linkedin.com
rtb.mfadsrvr.com
rtb.va.us.criteo.com
s.tribalfusion.com
static.cloudflareinsights.com
static.criteo.net
sync.teads.tv
tpc.googlesyndication.com
www.ahwei.link
www.bing.com
www.freedidi.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.80.98
142.251.40.130
151.101.193.108
185.167.164.49
20.253.86.149
2606:4700:20::ac43:4be2
2606:4700::6810:3865
2606:4700::6812:18ad
2607:f8b0:4006:809::2002
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::2003
2607:f8b0:4006:81f::200a
2607:f8b0:4006:821::2004
2607:f8b0:4006:821::200e
2607:f8b0:4006:824::2002
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
2620:116:800b:21:1456:d0e1:7db4:a56b
2620:1ec:21::14
2620:1ec:46::40
2620:1ec:c11::200
2a02:6b8::90
35.207.24.140
35.211.178.172
38.98.69.175
51.222.239.232
52.223.40.198
52.8.134.32
54.209.223.112
68.67.160.137
69.192.109.215
74.119.119.147
00c335013f551c680c2d5739500723763112e00726e4a47549340bf4c4a1029c
05109b4c273a5b2f4a82ab1ec1af0d8b1d82288aed72f3ca1be4a1d76e8772fe
0667e955cab54a1fb06cfc1746d31f4b4c5ec474132f2392e866eeea1869c767
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
107a3a8bb3bfd093afb6bafc7719640e862ec3fae6dbadbc775d2daa6928025e
169129c84912473c3eea8cb0783089f986648c26f879f25caf12b9933feedebe
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c239d3332d7cc92d8e6de702fb8a0c8fbe17e3523aeacca4dccd4f173e524ee
1e0a52e09f6a82103811fb05011f1487605df55d406ecaad89c68999d67f8ae0
24d4f8c30eaea3c91a5d3dc3c7e11f250fcfe10c3a6032a7cafdb5bc5eb8648d
254d80a49d0c9fced2fd0c272e7b868ca726df8189dc9c5735c56a33e7853dfc
25bb559beb57a681fbcd6b749ea0c17ecf3939efc5127ac756520f819f0c8f9b
25d6bee48ef82593fff3bc5bc6cf36e846d360cfb03b42e719fafd162b1964c0
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2ddeff58be43487e7a1f37342ec1694791ac54a1bc3c5d09d24a918cf7ffc882
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2efbed0afcb9d97798cf316d96d42d7c84317de960c169d16dd1cc1caaa36841
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
367f7cd2ed1bcf9c7b834fbcb927beb7797b8df2a3af0ac292f5a79ca70ced95
3a53f3b9cb83b33a91e55e9dc5da305067c2b74a451fd3868a2d60130f3cd98d
3c7b3ed32991df7fecd94925de903446f7c1257bfeb042cb0b798749e242c559
3d23ca298db3f95b782d680f920e614f362fc682481f455f1c3bba726391de65
3d781e0160c61f9ce44d07d180ba766435fe73dd55a147fa61c83468fff0720e
3dce8644a63c0632c209ba4ad92fb8600c116c9dd995e9710ade49c29d663d18
3e6a2ea5a63ace75063df05001301b608015fbcea91d66f1277b3f592b9a1f7b
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
422e61275666552abcc42eaf72fc17f53c803e7c43bdf3e176d8b8a7f2e4d8b4
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
4b101340991fbebde5f9270261516148091e118c9d5e61dc617c27718b74dee1
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d6f9711e0b89931512ec47583e3b7014826651e1b9bb706634a712a1106439f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
4e6f3e8694e0c9576d8dd310a8368024a26b92824f7cc4cd95119c8da7e2debf
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794
53f59017c9bc83993ef4607dd4861a5a1a646865b98134fb2a0f9a701814faef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c403d2eb0951999e5a3b90338a97c71eee19956ea41892c167dd354247fd84
5a65b0ca177f1c0433c0ead611692521c23e6668846a2861fedc09ae11416ffc
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5e03df6d4818248cbb73588f67a3befd93d21a0f8e77be72b487e8a8823bd978
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6230d463437f9f212ff5a23e3242981dbb9a3d79711a688f1651d35d08990f0c
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
675ef7de6f5ed2aeffae3ef06edb98d64760ff4ca5d383ab99ef06e4bbdd3744
6a8718ec4fc1ef339030d872627f42a45383396f2c8fc59c73b0a3e14f0efc9b
6abd0b83d9a0af9389df5a018837397504b0d9e968a7e0c9eccbdf1c0f75594e
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7b370cb5b3a98725db5d3a47c42e88c347085afb826f2953c980a28ac9b036de
83dc6ef4f31b6c14bc5b45de192a2e2e4e970082f505670064761ac8335487a2
8464af55c871646e4c6cf848f49995b1f087acc696a63a67960fc2f7d419c4e1
85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c29ff6cb8ebb7a83af704c02a235b37fd77ce8cc48d87aaef2bfd9727fbd166
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a78457d2528c37d136e8f3cc97ba68c415f15988003f44f90e96d6e8ca324ba5
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
aa17c3cd738256e90153ff7fd5ecdcb4548d72456bfe9da8f3391adbf5cc3ed8
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
b076e86301cbee8c5c9aef51863a9c0a88e6f6d2aabdffca93e031113c6caa74
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
bcd1fc77d1d8787ac24a9383e483152dc4c59dbe2367e6081029b5158e44a065
c2f00a9792f87f27371d2bf31a78f39ed4d55299bbe648d970513a5af008020e
c666d170725ab7ab4aaf07a11fe1e6e929024dd097eac49ee5a9f1ca05855c7a
c76780f98809f611842235926f44c647630c533ddd2c18ed18a8bac22bc8cc63
cb750dcabacf05ae0a5f5c7b646d0eb42780c7ca37b8e9e35aa3ee06dde4873c
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
cf0d8bce42dd39f77a9c4cabc9272361c1677f608552392c6971202f2b73740c
d282f61d014f01b59f41f2a22f1f8d3ca0f8322de908fc12a0f34c712e3f20b3
d3ff625f1cf77b2fc73d6b692ecfe77b75ad622478826dffaa611ae7a72d8d57
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d8d220e05d808490f633f7e817447e688d92f0b26ed225e0ef4531c19c24281c
dc1ae28b57771ff8398b6b57c333ee7f617293176450c2377766a23b1e515cb0
de54d20ec67beddd1b5050d80ea032494652596617c6d31f297028a7efdab7bc
e131a3038aeb6f724a2a491a22abcaf0baf8103c218591d58cc046601245cd92
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fce66a162c7fd66dee98d207d21e8dfe8ebba44c5ca8bdf8f46dbe90ef5305
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6ae08d2d6850a6d65f89489bae1d78db1fbea66dc0556b3173ef425863c6c15
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f073a70b7047ab128b5263ff6a45ae1d1c2c04b85704fbfd5458c27a5068947d
f134232a9a19dd6ab40fd09f335cb368f4441e2573462dea23b6201274d0b70b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c9a46cfe68406c6d8b533f550cb1ab68497be16c40fb27e86315b0a41b98db
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

www.freedidi.com Open in urlscan Pro 2606:4700:20::ac43:4be2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

155 Requests

88 %HTTPS

59 %IPv6

28 Domains

38 Subdomains

28 IPs

4 Countries

1706 kBTransfer

4057 kBSize

33 Cookies

11 Outgoing links

Page URL History

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.freedidi.com Open in urlscan Pro
2606:4700:20::ac43:4be2 Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

88 %
HTTPS

59 %
IPv6

28
Domains

38
Subdomains

28
IPs

4
Countries

1706 kB
Transfer

4057 kB
Size

33
Cookies

155 HTTP transactions
3 data transactions