urlscan.io logo urlscan.io
SecurityTrails logo

freenom.link Open in urlscan Pro
199.59.243.200  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bit.ly/3sr6tqv
Effective URL: http://freenom.link/?k=80808080&_=1645473828
Submission: On February 21 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 8 domains to perform 15 HTTP transactions. The main IP is 199.59.243.200, located in United States and belongs to AMAZON-02, US. The main domain is freenom.link. The Cisco Umbrella rank of the primary domain is 175191.
This is the only time freenom.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-PR...)
1 1 2600:9000:223... 16509 (AMAZON-02)
1 195.20.50.253 31624 (VFMNL-AS ...)
1 1 109.235.49.197 47869 (NETROUTIN...)
6 199.59.243.200 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:310... 13335 (CLOUDFLAR...)
15 5
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
1    2600:9000:223d:6e00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
3aep3.app.link
1    195.20.50.253 (Netherlands)

ASN31624 (VFMNL-AS Amsterdam Location BGP Setup, NL)
ayana.darlynepearson.ga
1    109.235.49.197 (Netherlands)

ASN47869 (NETROUTING-AS, NL)
domain.dot.tk
6    199.59.243.200 (United States)

ASN16509 (AMAZON-02, US)
freenom.link
5    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
afs.googleusercontent.com
1    2606:4700:3108::ac42:28c7 (United States)

ASN13335 (CLOUDFLARENET, US)
parking.bodiscdn.com
Apex Domain
Subdomains		 Transfer
6 freenom.link
freenom.link — Cisco Umbrella Rank: 175191
26 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
104 KB
2 googleusercontent.com
afs.googleusercontent.com — Cisco Umbrella Rank: 11410
1 KB
1 bodiscdn.com
parking.bodiscdn.com — Cisco Umbrella Rank: 38924
3 KB
1 dot.tk
domain.dot.tk — Cisco Umbrella Rank: 231400
242 B
1 darlynepearson.ga
ayana.darlynepearson.ga
992 B
1 app.link
3aep3.app.link
596 B
1 bit.ly
bit.ly — Cisco Umbrella Rank: 4034
348 B
15 8
Domain Requested by
6 freenom.link ayana.darlynepearson.ga
freenom.link
5 www.google.com freenom.link
www.google.com
2 afs.googleusercontent.com www.google.com
1 parking.bodiscdn.com
1 domain.dot.tk 1 redirects
1 ayana.darlynepearson.ga
1 3aep3.app.link 1 redirects
1 bit.ly 1 redirects
15 8

This site contains no links.

Subject Issuer Validity Valid
www.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-26 -
2022-07-25		 a year crt.sh

This page contains 2 frames:

Primary Page: http://freenom.link/?k=80808080&_=1645473828
Frame ID: C3C57416B0C92FD1270B24DF485993E6
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?adtest=off&psid=9458580115&pcsa=false&channel=pid-bodis-gcontrol265%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol320%2Cpid-bodis-gcontrol152&client=dp-bodis31_3ph&r=m&hl=en&max_radlink_len=60&type=3&uiopt=false&swp=as-drid-2277932748432058&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300842%2C17300919%2C17300922&format=r3&nocache=2821645474403666&num=0&output=afd_ads&domain_name=freenom.link&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1645474403667&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=77&frm=0&uio=-&cont=rs&inames=master-1&jsid=caf&jsv=17553&rurl=http%3A%2F%2Ffreenom.link%2F%3Fk%3D80808080%26_%3D1645473828&referer=http%3A%2F%2Fayana.darlynepearson.ga%2F
Frame ID: E80F87180C51887076E9722DB4474186
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Freenom.link

Page URL History Show full URLs

  1. http://bit.ly/3sr6tqv HTTP 301
    https://3aep3.app.link/cFGVWbbkMib HTTP 307
    http://ayana.darlynepearson.ga/bEs1SnksREVFLVBPTlRFTlVNVU0sMTYyOTE0OTI4Myws?_branch_match_id=10244007702496... Page URL
  2. http://domain.dot.tk/p/?d=DARLYNEPEARSON.GA&i=193.27.14.39&c=0&ro=0&ref=unknown&_=1645474402982 HTTP 301
    http://freenom.link/?k=80808080&_=1645473828 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

53 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

5
IPs

3
Countries

135 kB
Transfer

354 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/3sr6tqv HTTP 301
    https://3aep3.app.link/cFGVWbbkMib HTTP 307
    http://ayana.darlynepearson.ga/bEs1SnksREVFLVBPTlRFTlVNVU0sMTYyOTE0OTI4Myws?_branch_match_id=1024400770249679302&utm_source=facebook&utm_campaign=facebook&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN05MLTDWSywo0MvJzMvWT3ZzDwtPSsr2zUwCAOMBlSIiAAAA Page URL
  2. http://domain.dot.tk/p/?d=DARLYNEPEARSON.GA&i=193.27.14.39&c=0&ro=0&ref=unknown&_=1645474402982 HTTP 301
    http://freenom.link/?k=80808080&_=1645473828 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bit.ly/3sr6tqv HTTP 301
  • https://3aep3.app.link/cFGVWbbkMib HTTP 307
  • http://ayana.darlynepearson.ga/bEs1SnksREVFLVBPTlRFTlVNVU0sMTYyOTE0OTI4Myws?_branch_match_id=1024400770249679302&utm_source=facebook&utm_campaign=facebook&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN05MLTDWSywo0MvJzMvWT3ZzDwtPSsr2zUwCAOMBlSIiAAAA

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
bEs1SnksREVFLVBPTlRFTlVNVU0sMTYyOTE0OTI4Myws
ayana.darlynepearson.ga/
Redirect Chain
  • http://bit.ly/3sr6tqv
  • https://3aep3.app.link/cFGVWbbkMib
  • http://ayana.darlynepearson.ga/bEs1SnksREVFLVBPTlRFTlVNVU0sMTYyOTE0OTI4Myws?_branch_match_id=1024400770249679302&utm_source=facebook&utm_campaign=facebook&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN...
655 B
992 B 		Document
General
Check archive.org
Download Go to
Full URL
http://ayana.darlynepearson.ga/bEs1SnksREVFLVBPTlRFTlVNVU0sMTYyOTE0OTI4Myws?_branch_match_id=1024400770249679302&utm_source=facebook&utm_campaign=facebook&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN05MLTDWSywo0MvJzMvWT3ZzDwtPSsr2zUwCAOMBlSIiAAAA
Protocol
HTTP/1.1
Server
195.20.50.253 , Netherlands, ASN31624 (VFMNL-AS Amsterdam Location BGP Setup, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Mon, 21 Feb 2022 20:13:24 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
655
Connection
keep-alive
Cache-Control
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
X-Server
ip-172-30-1-31

Redirect headers

location
http://ayana.darlynepearson.ga/bEs1SnksREVFLVBPTlRFTlVNVU0sMTYyOTE0OTI4Myws?_branch_match_id=1024400770249679302&utm_source=facebook&utm_campaign=facebook&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN05MLTDWSywo0MvJzMvWT3ZzDwtPSsr2zUwCAOMBlSIiAAAA
server
openresty
date
Mon, 21 Feb 2022 20:13:22 GMT
x-powered-by
Express
last-modified
Mon, 21 Feb 2022 20:13:22 GMT
x-cache
Miss from cloudfront
via
1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
WAyINopQBcwcM_QMgbJXb_q-81RpcVlKCXv0B3tQdYcSe7MOPyXnwQ==
Primary Request /
freenom.link/
Redirect Chain
  • http://domain.dot.tk/p/?d=DARLYNEPEARSON.GA&i=193.27.14.39&c=0&ro=0&ref=unknown&_=1645474402982
  • http://freenom.link/?k=80808080&_=1645473828
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://freenom.link/?k=80808080&_=1645473828
Requested by
Host: ayana.darlynepearson.ga
URL: http://ayana.darlynepearson.ga/bEs1SnksREVFLVBPTlRFTlVNVU0sMTYyOTE0OTI4Myws?_branch_match_id=1024400770249679302&utm_source=facebook&utm_campaign=facebook&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN05MLTDWSywo0MvJzMvWT3ZzDwtPSsr2zUwCAOMBlSIiAAAA
Protocol
HTTP/1.1
Server
199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
30f2595a99cc7494e646671d559dbfcfb3dab990fc3a31e8c4c03c92416bcf92

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://ayana.darlynepearson.ga/bEs1SnksREVFLVBPTlRFTlVNVU0sMTYyOTE0OTI4Myws?_branch_match_id=1024400770249679302&utm_source=facebook&utm_campaign=facebook&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN05MLTDWSywo0MvJzMvWT3ZzDwtPSsr2zUwCAOMBlSIiAAAA

Response headers

Server
openresty
Date
Mon, 21 Feb 2022 20:13:23 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_Z8HBPNZLn/MYXEA5J7nwhLw9oEmRVFGxxl2azmgIU47luM6VQFytjNbRhij/TUj7ju47Wb64f15XDzV0y7kftQ==
Cache-Control
no-cache no-store, must-revalidate post-check=0, pre-check=0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Date
Mon, 21 Feb 2022 20:03:48 GMT
Server
Apache/2.4.38 (Debian)
Location
http://freenom.link/?k=80808080&_=1645473828
Content-Length
0
Content-Type
text/html; charset=ISO-8859-1
Connection
close
parking.2.81.0.js
freenom.link/js/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://freenom.link/js/parking.2.81.0.js
Requested by
Host: freenom.link
URL: http://freenom.link/?k=80808080&_=1645473828
Protocol
HTTP/1.1
Server
199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
eb03f01670b7df57b1b99825ea6132b3e01e5dd7bbcc32ddb520b73c1d1afc91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://freenom.link/?k=80808080&_=1645473828
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Feb 2022 20:13:23 GMT
Content-Encoding
gzip
Last-Modified
Sat, 19 Feb 2022 10:29:09 GMT
Server
openresty
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
_fd
freenom.link/ 		6 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
http://freenom.link/_fd?k=80808080&_=1645473828
Requested by
Host: freenom.link
URL: http://freenom.link/js/parking.2.81.0.js
Protocol
HTTP/1.1
Server
199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
6ed9214cc050576e3d96a34e0722a88fbd60f256f079a821facdc5aa60dc24f5

Request headers

Accept
application/json
Referer
http://freenom.link/?k=80808080&_=1645473828
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

X-Version
2.81.0
Date
Mon, 21 Feb 2022 20:13:23 GMT
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
caf.js
www.google.com/adsense/domains/ 		139 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/domains/caf.js
Requested by
Host: freenom.link
URL: http://freenom.link/js/parking.2.81.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
683ca9ae5a11c30fe1759ca4f095f03dc26e4015b93520afce5a2dbf41c2863b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://freenom.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 20:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"6562349149113739408"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Mon, 21 Feb 2022 20:13:23 GMT
px.gif
freenom.link/ 		42 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://freenom.link/px.gif?ch=1&rn=6.594853543170458
Requested by
Host: freenom.link
URL: http://freenom.link/?k=80808080&_=1645473828
Protocol
HTTP/1.1
Server
199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://freenom.link/?k=80808080&_=1645473828
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Feb 2022 20:13:23 GMT
Last-Modified
Wed, 15 Sep 2021 19:38:30 GMT
Server
openresty
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:01 GMT
px.gif
freenom.link/ 		42 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://freenom.link/px.gif?ch=2&rn=6.594853543170458
Requested by
Host: freenom.link
URL: http://freenom.link/?k=80808080&_=1645473828
Protocol
HTTP/1.1
Server
199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://freenom.link/?k=80808080&_=1645473828
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Feb 2022 20:13:23 GMT
Last-Modified
Wed, 15 Sep 2021 19:38:30 GMT
Server
openresty
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:01 GMT
ads
www.google.com/afs/ Frame E80F 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/afs/ads?adtest=off&psid=9458580115&pcsa=false&channel=pid-bodis-gcontrol265%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol320%2Cpid-bodis-gcontrol152&client=dp-bodis31_3ph&r=m&hl=en&max_radlink_len=60&type=3&uiopt=false&swp=as-drid-2277932748432058&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300842%2C17300919%2C17300922&format=r3&nocache=2821645474403666&num=0&output=afd_ads&domain_name=freenom.link&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1645474403667&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=77&frm=0&uio=-&cont=rs&inames=master-1&jsid=caf&jsv=17553&rurl=http%3A%2F%2Ffreenom.link%2F%3Fk%3D80808080%26_%3D1645473828&referer=http%3A%2F%2Fayana.darlynepearson.ga%2F
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
4c6309f21148e743626974758ff627e380ee1edef7b04a01e1139ae4f8128fa4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://freenom.link/

Response headers

content-type
text/html; charset=UTF-8
content-disposition
inline
date
Mon, 21 Feb 2022 20:13:23 GMT
expires
Mon, 21 Feb 2022 20:13:23 GMT
cache-control
private, max-age=3600
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding
br
server
gws
content-length
1966
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
caf.js
www.google.com/adsense/domains/ Frame E80F 		139 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/domains/caf.js?pac=2
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=9458580115&pcsa=false&channel=pid-bodis-gcontrol265%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol320%2Cpid-bodis-gcontrol152&client=dp-bodis31_3ph&r=m&hl=en&max_radlink_len=60&type=3&uiopt=false&swp=as-drid-2277932748432058&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300842%2C17300919%2C17300922&format=r3&nocache=2821645474403666&num=0&output=afd_ads&domain_name=freenom.link&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1645474403667&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=77&frm=0&uio=-&cont=rs&inames=master-1&jsid=caf&jsv=17553&rurl=http%3A%2F%2Ffreenom.link%2F%3Fk%3D80808080%26_%3D1645473828&referer=http%3A%2F%2Fayana.darlynepearson.ga%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1892593da3fe0b7efb2761261a4729bc2a84dae62e72c9c582b4e6800c424e0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 20:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"8114526953360839185"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Mon, 21 Feb 2022 20:13:23 GMT
search.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame E80F 		391 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%2311264d
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=9458580115&pcsa=false&channel=pid-bodis-gcontrol265%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol320%2Cpid-bodis-gcontrol152&client=dp-bodis31_3ph&r=m&hl=en&max_radlink_len=60&type=3&uiopt=false&swp=as-drid-2277932748432058&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300842%2C17300919%2C17300922&format=r3&nocache=2821645474403666&num=0&output=afd_ads&domain_name=freenom.link&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1645474403667&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=77&frm=0&uio=-&cont=rs&inames=master-1&jsid=caf&jsv=17553&rurl=http%3A%2F%2Ffreenom.link%2F%3Fk%3D80808080%26_%3D1645473828&referer=http%3A%2F%2Fayana.darlynepearson.ga%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ba0d867e58e5caf5499901274fb5425180cce1f974d6c18c0f05ade47a7986e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
age
57523
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
last-modified
Thu, 19 Dec 2019 14:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
date
Mon, 21 Feb 2022 04:14:40 GMT
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Tue, 22 Feb 2022 03:14:40 GMT
chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame E80F 		200 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=9458580115&pcsa=false&channel=pid-bodis-gcontrol265%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol320%2Cpid-bodis-gcontrol152&client=dp-bodis31_3ph&r=m&hl=en&max_radlink_len=60&type=3&uiopt=false&swp=as-drid-2277932748432058&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300842%2C17300919%2C17300922&format=r3&nocache=2821645474403666&num=0&output=afd_ads&domain_name=freenom.link&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1645474403667&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=77&frm=0&uio=-&cont=rs&inames=master-1&jsid=caf&jsv=17553&rurl=http%3A%2F%2Ffreenom.link%2F%3Fk%3D80808080%26_%3D1645473828&referer=http%3A%2F%2Fayana.darlynepearson.ga%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
age
35200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
174
x-xss-protection
0
last-modified
Thu, 22 Oct 2020 21:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
date
Mon, 21 Feb 2022 10:26:43 GMT
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Tue, 22 Feb 2022 09:26:43 GMT
arrows-bg-single.png
parking.bodiscdn.com/parking/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://parking.bodiscdn.com/parking/arrows-bg-single.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:28c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8436c93cfe365821cf9ec9d10320c9abb9862f4292a10e6c6fe75c15f5316b68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://freenom.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 20:13:24 GMT
cf-cache-status
HIT
age
3080
cf-polished
origFmt=png, origSize=3365
cf-ray
6e12a29129200f72-MXP
content-disposition
inline; filename="arrows-bg-single.webp"
content-length
2740
x-amz-id-2
nwg+js+MhzzzqBQn+UD4OS2rq9gVZWHlW3L4kvmP8/NONu3/lUIkpi2tXSWEXyNH+neH9ecQHdU=
last-modified
Fri, 13 Aug 2021 17:44:53 GMT
server
cloudflare
etag
"be0ad31eeb486cdcc271ce6ebab43d97"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
7Y6KCKBQJGNJQR2F
cache-control
max-age=14400
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:100,h2pri
_tr
freenom.link/ 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
http://freenom.link/_tr
Requested by
Host: freenom.link
URL: http://freenom.link/js/parking.2.81.0.js
Protocol
HTTP/1.1
Server
199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Accept
application/json
Referer
http://freenom.link/?k=80808080&_=1645473828
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

X-Version
2.81.0
Date
Mon, 21 Feb 2022 20:13:24 GMT
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
gen_204
www.google.com/afs/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=wcv0sqtkyi3g&aqid=Y_ITYuKTLIj03gPRiIa4Bw&psid=9458580115&pbt=bs&adbx=550&adby=134&adbh=561&adbw=500&adbah=180%2C182%2C182&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=17553483161230516511&csadii=7&csadr=285&csala=7%7C205%7C30%7C50&lle=0&llm=1000&ifv=1&usr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://freenom.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 20:13:25 GMT
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type
text/html; charset=ISO-8859-1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
www.google.com/afs/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=lgih7htrwfdq&aqid=Y_ITYuKTLIj03gPRiIa4Bw&psid=9458580115&pbt=bv&adbx=550&adby=134&adbh=561&adbw=500&adbah=180%2C182%2C182&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=17553483161230516511&csadii=7&csadr=285&csala=7%7C205%7C30%7C50&lle=0&llm=1000&ifv=1&usr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://freenom.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 20:13:25 GMT
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type
text/html; charset=ISO-8859-1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone string| park object| regeneratorRuntime function| setImmediate function| clearImmediate number| googleNDT_ number| googleAltLoader object| google

4 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: m1lkdm-2fc7a79451899db2e8-008
.app.link/ Name: _s
Value: WOSquT53duXJQRv6iv5ij%2FjxxidD0SJI4Pm4UPHKC8tmKJPnyje8%2FEL50xD3Og1f
ayana.darlynepearson.ga/ Name: JSESSIONID
Value: EFBE0C5D4F1DC3D678B553914947EF4E
freenom.link/ Name: parking_session
Value: 6ec20c2a-a9d0-dc3d-ed4b-07df5761414a