Submitted URL: http://tonfree.win/
Effective URL: https://tonfree.win/
Submission: On March 14 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3034::ac43:9204, located in United States and belongs to CLOUDFLARENET, US. The main domain is tonfree.win.
TLS certificate: Issued by GTS CA 1P5 on February 19th 2024. Valid for: 3 months.
This is the only time tonfree.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 152.199.21.70 15133 (EDGECAST)
1 2a04:4e42:200... 54113 (FASTLY)
2 23.97.225.52 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2620:116:800d... 16509 (AMAZON-02)
1 2600:9000:20a... 16509 (AMAZON-02)
12 8
Apex Domain
Subdomains
Transfer
4 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 19223
e3.adpushup.com — Cisco Umbrella Rank: 22225
137 KB
3 tonfree.win
tonfree.win
931 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1388
pixel.quantserve.com — Cisco Umbrella Rank: 1125
10 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1374
634 B
1 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 653
10 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 746
30 KB
12 6
Domain Requested by
3 tonfree.win 1 redirects tonfree.win
2 e3.adpushup.com tonfree.win
2 cdn.adpushup.com tonfree.win
cdn.adpushup.com
1 pixel.quantserve.com tonfree.win
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com cdn.adpushup.com
1 fundingchoicesmessages.google.com cdn.adpushup.com
1 code.jquery.com cdn.adpushup.com
12 8

This site contains links to these domains. Also see Links.

Domain
coinmarketcap.com
www.certik.com
github.com
t.me
twitter.com
www.linkedin.com
Subject Issuer Validity Valid
tonfree.win
GTS CA 1P5
2024-02-19 -
2024-05-19
3 months crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1
2023-08-11 -
2024-07-12
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
*.google.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
quantserve.com
R3
2024-02-25 -
2024-05-25
3 months crt.sh

This page contains 1 frames:

Primary Page: https://tonfree.win/
Frame ID: 8A5AE2309EE8588D32E0C389B1DF45AE
Requests: 25 HTTP requests in this frame

Screenshot

Page Title

TONFree: The Open Network for free for everyone

Page URL History Show full URLs

  1. http://tonfree.win/ HTTP 301
    https://tonfree.win/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

92 %
HTTPS

75 %
IPv6

6
Domains

8
Subdomains

8
IPs

3
Countries

1431 kB
Transfer

3026 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tonfree.win/ HTTP 301
    https://tonfree.win/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
tonfree.win/
Redirect Chain
  • http://tonfree.win/
  • https://tonfree.win/
1 MB
912 KB
Document
General
Full URL
https://tonfree.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
489088d37777decee5cb9f926f37e45f7712c25378a7de2cbd6b52d769cdb17e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
864590de7c2c65de-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 14 Mar 2024 16:16:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8KlO981lm622iDSrmU%2B62qlflmBdje%2FXoK5uICdGwFu%2BObLuMqccknhd0DsesVcnZaRwz5d8XSE4bZum78Lui2uv%2BAcmXlTkC8JWjw5ARBm5fkEB4Ssrp%2B%2BQ7wCi%2F8t3XPMBD6uUU8rGgg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
864590de2cd59c01-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 14 Mar 2024 16:16:02 GMT
Expires
Thu, 14 Mar 2024 17:16:02 GMT
Location
https://tonfree.win/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FuWNRtw42DTV3NAhPQtPDmQrwxxy6FCZRZVuPQZtrNRft938EY57cFhmevKmkNRHlvL7wGqxBsc3hSe5JdUBH7gI5oW84S4Bjz8dsOzEHVZFusmFThKed1JXK%2FRtqhUaGEFe%2B9r%2FNLUlpA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
adpushup.js
cdn.adpushup.com/45900/
606 KB
136 KB
Script
General
Full URL
https://cdn.adpushup.com/45900/adpushup.js
Requested by
Host: tonfree.win
URL: https://tonfree.win/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AA) /
Resource Hash
126fe9490070b3918f846cdd257fdf57e02464744d65f0e3f2333293ed778028

Request headers

Referer
https://tonfree.win/
Origin
https://tonfree.win
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-client-geo
DE
date
Thu, 14 Mar 2024 16:16:02 GMT
content-encoding
br
age
2878694
x-cache
HIT
x-client-device
desktop
content-length
139297
x-ap-device
DESKTOP
last-modified
Thu, 08 Feb 2024 20:52:16 GMT
server
ECAcc (ama/48AA)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
DE
accept-ranges
bytes
expires
Thu, 14 Mar 2024 17:16:02 GMT
logo.png
tonfree.win/
18 KB
18 KB
Image
General
Full URL
https://tonfree.win/logo.png
Requested by
Host: tonfree.win
URL: https://tonfree.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e52daebcddf2ee7a1c4e763c6f4a3634c84b1696fd6c42da4b30dcc243b002c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tonfree.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:16:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
985
etag
1684162701.0-18103
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rwnQeYWwZvbBmbzqFRe64V94A8B%2FDUkX4jLmefeVcxHzfdtPYGATnNpC3k6z3iRTIxHHzobjHnvU6bkjOqOXwtPQkfWxdA8UVKtsTC8X%2Bb%2BAxBdfvw7sbpL8bKfv74%2BEbg2hTwetuO7tiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
864590df3d1565de-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c966214639739ab7f5ffcf2be0d3182f82a1fa0abfb5eac49eb8059b865c54a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
79 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11a4dbfae28e9ea4612d65664f06beb1d61be7a9172df6fd5dc8a7dff73384b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
68 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
600ba6a41ed6aed32cc53ef966cc9131e0c10d2350d7a1755c1c9185b22a699d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
42 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3766672f409e96ebd9acb848e3b7c2330134c8d052f06ba633a3567b66469fdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
27 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
426da6c321a25b9a89c34a3ca3be98161eee85117e1f0adc6501bab6a97bb6fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
28 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8526f4a2e82abea407cb645fdc2659ff9594315ce68ab891fbda073b8e8b41da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
39 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f74379144655b70af7c6da06cc21d567ec92e81470a4cdc97aa99aec8cada687

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
56 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8246d7611210453e9bb53763f7302f8f540898f3ce3b26bf9261a38780f453c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
108 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8885e8bd8d6f2de511e6683382d1865d2931483dc07e28e2d885caf5346b00b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5011dd269e43f2721f3c612ee3ad6e20939bc543d628816179c8db5cb4404afa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
107 KB
107 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3b91f4345dc4ea30e7767250988defaf93836b2727d78abff53732ddfbae03a

Request headers

Referer
Origin
https://tonfree.win
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/
98 KB
98 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
954bfdf81f6e7d131149c5959e64577b2545a2655db6b0cc4fa32e572cc9907f

Request headers

Referer
Origin
https://tonfree.win
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/
107 KB
107 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
522d5e113eb13b7e53e3f03a007c9eb84bd257a878c24516064b202894005c0a

Request headers

Referer
Origin
https://tonfree.win
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
font/woff2
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45900/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tonfree.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:16:02 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2890581
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230081-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1710432963.638034,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
15, 572194
quantcast.js
cdn.adpushup.com/pbuseridscripts/
450 B
452 B
Script
General
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45900/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CB) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tonfree.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-client-geo
DE
date
Thu, 14 Mar 2024 16:16:02 GMT
content-encoding
br
age
18695682
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (ama/48CB)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Mar 2025 16:16:02 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MTA0MzI5NjI2NjMsInBhY2tldElkIjoiMDAwMEIzNEMtNmFhZjViYTctYzAwYi00Yjg2LWJiMzgtYWEwMjM3Y2EzMmUyIiwic2l0ZUlkIjo0NTkwMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdG9uZnJlZS53aW4iLCJ1cmwiOiJodHRwczovL3RvbmZyZWUud2luLyIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiREUifQ%3D%3D&c_b=425.5999984741211
Requested by
Host: tonfree.win
URL: https://tonfree.win/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tonfree.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 16:16:02 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://tonfree.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/
70 B
365 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: tonfree.win
URL: https://tonfree.win/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tonfree.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 16:16:02 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://tonfree.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
804289d2-b554-4830-8357-045132b969d3
https://tonfree.win/
2 KB
0
Other
General
Full URL
blob:https://tonfree.win/804289d2-b554-4830-8357-045132b969d3
Requested by
Host: tonfree.win
URL: https://tonfree.win/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4fb2f01d9cf9dacc86bde88160ba3a8eb5d81b95a5a6064075d246404b4c80

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length
1760
Content-Type
application/javascript
AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=
fundingchoicesmessages.google.com/f/
23 KB
10 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45900/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0bfdd6265f72f61bd4b0ee52f6dcaf2e8349d7adb529b0c569d70efbbff18127
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-osDWQJqv7ERZBsSLUDxmPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tonfree.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:16:02 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-osDWQJqv7ERZBsSLUDxmPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmJw1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgHxyQXnWS8CsRAPx6GjZ9azCWx49u4hEwD31i7m"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/
23 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tonfree.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:16:02 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 21 Mar 2024 16:16:02 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/
160 B
634 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:ba00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tonfree.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 15:46:11 GMT
via
1.1 2b4f91feaec910b23d827812b244c812.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P3
age
1792
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
M_2OiZYC_JJ6ETrh3LmNbA_wOfZ6Tu6uEsI91M4YCUODQTIJX8EWgg==
pixel;r=1815311932;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Ftonfree.win%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-72504129-1710432962752;pbc=;ns=0;c...
pixel.quantserve.com/
35 B
455 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1815311932;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Ftonfree.win%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-72504129-1710432962752;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=tonfree.win;dst=1;et=1710432962799;tzo=-60;ogl=type.website%2Csite_name.TONfree%2Ctitle.TON%3A%20The%20Open%20Network%20for%20everyone%2Cdescription.A%20decentralized%20and%20open%20internet%20for%20free%252C%20created%20by%20the%20community%20using%20a%20tec%2Curl.https%3A%2F%2Ftonfree%252Ewin%2Cimage.%2Fmain_page%252Epng;ses=c334ab80-68b4-45fc-a9d0-96bfce6208ae;mdl=
Requested by
Host: tonfree.win
URL: https://tonfree.win/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tonfree.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 16:16:02 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| adpushup function| setImmediate function| clearImmediate undefined| $ undefined| jQuery string| currentState object| adpGlobals object| googletag object| googlefc function| __d3lUW8vwsKlB__ object| _qevents function| quantserve function| __qc object| ezt object| _qoptions function| __an6na521li18__ object| NmI2NmEyN2Y1NDFlYzE1ZWxvYWRlcl9qcw== string| NmI2NmEyN2Y1NDFlYzE1ZWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady

3 Cookies

Domain/Path Name / Value
tonfree.win/ Name: vapor-session
Value: i9ixfX1MnR8LskWmO4Av3A==
.quantserve.com/ Name: mc
Value: 65f322c2-c4903-d2dc3-18c53
.tonfree.win/ Name: __qca
Value: P0-72504129-1710432962752

10 Console Messages

Source Level URL
Text
other warning URL: https://tonfree.win/(Line 43)
Message:
<link rel=preload> has an invalid `href` value
other warning URL: https://tonfree.win/(Line 45)
Message:
<link rel=preload> has an invalid `href` value
other warning URL: https://tonfree.win/(Line 47)
Message:
<link rel=preload> has an invalid `href` value
other warning URL: https://tonfree.win/(Line 49)
Message:
<link rel=preload> has an invalid `href` value
other warning URL: https://tonfree.win/(Line 51)
Message:
<link rel=preload> has an invalid `href` value
other warning URL: https://tonfree.win/(Line 53)
Message:
<link rel=preload> has an invalid `href` value
other warning URL: https://tonfree.win/(Line 54)
Message:
<link rel=preload> has an invalid `href` value
other warning URL: https://tonfree.win/(Line 1946)
Message:
<link rel=preload> has an invalid `href` value
other warning URL: https://tonfree.win/(Line 4896)
Message:
<link rel=preload> has an invalid `href` value
other warning URL: https://tonfree.win/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.adpushup.com
code.jquery.com
e3.adpushup.com
fundingchoicesmessages.google.com
pixel.quantserve.com
rules.quantcount.com
secure.quantserve.com
tonfree.win
152.199.21.70
23.97.225.52
2600:9000:20ab:ba00:6:44e3:f8c0:93a1
2606:4700:3030::6815:aa5
2606:4700:3034::ac43:9204
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:811::200e
2a04:4e42:200::649
0bfdd6265f72f61bd4b0ee52f6dcaf2e8349d7adb529b0c569d70efbbff18127
0c966214639739ab7f5ffcf2be0d3182f82a1fa0abfb5eac49eb8059b865c54a
11a4dbfae28e9ea4612d65664f06beb1d61be7a9172df6fd5dc8a7dff73384b1
126fe9490070b3918f846cdd257fdf57e02464744d65f0e3f2333293ed778028
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
3766672f409e96ebd9acb848e3b7c2330134c8d052f06ba633a3567b66469fdf
426da6c321a25b9a89c34a3ca3be98161eee85117e1f0adc6501bab6a97bb6fa
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
489088d37777decee5cb9f926f37e45f7712c25378a7de2cbd6b52d769cdb17e
5011dd269e43f2721f3c612ee3ad6e20939bc543d628816179c8db5cb4404afa
522d5e113eb13b7e53e3f03a007c9eb84bd257a878c24516064b202894005c0a
600ba6a41ed6aed32cc53ef966cc9131e0c10d2350d7a1755c1c9185b22a699d
8246d7611210453e9bb53763f7302f8f540898f3ce3b26bf9261a38780f453c6
8526f4a2e82abea407cb645fdc2659ff9594315ce68ab891fbda073b8e8b41da
954bfdf81f6e7d131149c5959e64577b2545a2655db6b0cc4fa32e572cc9907f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
b3b91f4345dc4ea30e7767250988defaf93836b2727d78abff53732ddfbae03a
cf4fb2f01d9cf9dacc86bde88160ba3a8eb5d81b95a5a6064075d246404b4c80
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e52daebcddf2ee7a1c4e763c6f4a3634c84b1696fd6c42da4b30dcc243b002c5
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
f74379144655b70af7c6da06cc21d567ec92e81470a4cdc97aa99aec8cada687
f8885e8bd8d6f2de511e6683382d1865d2931483dc07e28e2d885caf5346b00b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e