Submitted URL: http://www.earnfreeltc.gq/
Effective URL: https://earnfreeltc.gq/
Submission Tags: krdtest
Submission: On March 15 via api from JP — Scanned from GB

Summary

This website contacted 14 IPs in 5 countries across 11 domains to perform 56 HTTP transactions. The main IP is 206.189.19.197, located in London, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is earnfreeltc.gq.
TLS certificate: Issued by R3 on March 14th 2022. Valid for: 3 months.
This is the only time earnfreeltc.gq was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 206.189.19.197 14061 (DIGITALOC...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
7 192.243.59.13 39572 (ADVANCEDH...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 188.114.96.7 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
6 195.201.108.252 24940 (HETZNER-AS)
14 188.114.97.7 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
56 14
Apex Domain | Subdomains | Transfer
16 adhitzads.com | adhitzads.com — Cisco Umbrella Rank: 175023; p3.adhitzads.com — Cisco Umbrella Rank: 195090 | 141 KB
11 earnfreeltc.gq | www.earnfreeltc.gq; earnfreeltc.gq | 124 KB
7 surfe.pro | static.surfe.pro — Cisco Umbrella Rank: 250179; surfe.pro — Cisco Umbrella Rank: 195881 | 6 KB
7 illegalprotected.com | illegalprotected.com |
5 gstatic.com | www.gstatic.com | 469 KB
4 google.com | www.google.com — Cisco Umbrella Rank: 2 | 24 KB
2 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 194 | 90 KB
2 jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 403 | 48 KB
1 doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 | 5 KB
1 googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 | 53 KB
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 588 | 30 KB
56 11
Domain | Requested by
15 p3.adhitzads.com | adhitzads.com; p3.adhitzads.com
10 earnfreeltc.gq | earnfreeltc.gq
7 illegalprotected.com | earnfreeltc.gq
6 surfe.pro | earnfreeltc.gq
5 www.gstatic.com | www.google.com
4 www.google.com | earnfreeltc.gq; www.gstatic.com; www.google.com
2 cdnjs.cloudflare.com | earnfreeltc.gq; cdnjs.cloudflare.com
2 cdn.jsdelivr.net | earnfreeltc.gq
1 googleads.g.doubleclick.net | pagead2.googlesyndication.com
1 pagead2.googlesyndication.com | earnfreeltc.gq
1 code.jquery.com | earnfreeltc.gq
1 adhitzads.com | earnfreeltc.gq
1 static.surfe.pro | earnfreeltc.gq
1 www.earnfreeltc.gq | 1 redirects
56 14

This site contains links to these domains.

Domain
cryptofp.xyz
claimfreeltc.com
cryptoonly.xyz
claimfreedoge.ml
faucetpay.io
t.me

Subject | Issuer | Validity | Valid
cpcontacts.payfreetrx.gq | R3 | 2022-03-14 - 2022-06-12 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-03 - 2022-07-02 | a year
illegalprotected.com | R3 | 2022-02-17 - 2022-05-18 | 3 months
www.google.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year
surfe.pro | R3 | 2022-01-02 - 2022-04-02 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.google.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months

This page contains 6 frames:

Primary Page: https://earnfreeltc.gq/
Frame ID: C7D4C5E7ED4B95ED55A11ACE44628694
Requests: 40 HTTP requests in this frame

Frame: https://p3.adhitzads.com/622fe54d91d82914539216gearnfreeltc.gq216120
Frame ID: 779131BCF316D71E27BA8053B887EDFF
Requests: 8 HTTP requests in this frame

Frame: https://p3.adhitzads.com/622fe54db4ccb928779113gearnfreeltc.gq216120
Frame ID: CB28E811E08EA8695D2463E7C7900F0E
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeiAu4dAAAAAN1xvX2kleY0ij8oFG_z5660wLpb&co=aHR0cHM6Ly9lYXJuZnJlZWx0Yy5ncTo0NDM.&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=normal&cb=u004yw48j7u3
Frame ID: 085CC20E11FC512E3A482AFCFA74C86E
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&k=6LeiAu4dAAAAAN1xvX2kleY0ij8oFG_z5660wLpb
Frame ID: 666248B1926B378061A1B7AFABEF5AC7
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html
Frame ID: 1BB97243B9D9A7F55810A09CB9F25E52
Requests: 1 HTTP request in this frame

Page Title

Earn Free LTC | Free Litecoin Faucet

Page URL History

  1. http://www.earnfreeltc.gq/ HTTP 302
    https://earnfreeltc.gq/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 56
HTTPS: 100 %
IPv6: 62 %
Domains: 11
Subdomains: 14
IPs: 14
Countries: 5
Transfer: 989 kB
Size: 2305 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.earnfreeltc.gq/ HTTP 302
    https://earnfreeltc.gq/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
earnfreeltc.gq/
Redirect Chain
  • http://www.earnfreeltc.gq/
  • https://earnfreeltc.gq/
51 KB
28 KB
Document
General
Full URL
https://earnfreeltc.gq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.19.197 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
r213.lon1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
ae0945e3c55ddfc2a23ba900133af67ef0e39a35d69fbae0808d68a5e3d462d6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-xss-protection
0
content-type
text/html; charset=UTF-8
content-encoding
br
vary
Accept-Encoding,User-Agent
date
Tue, 15 Mar 2022 01:01:00 GMT
server
LiteSpeed
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-type
text/html
content-length
683
date
Tue, 15 Mar 2022 01:01:00 GMT
server
LiteSpeed
cache-control
no-cache, no-store, must-revalidate, max-age=0
location
https://earnfreeltc.gq/
vary
User-Agent
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/
158 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12101
x-jsd-version
4.6.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19124-FRA, cache-lcy19275-LCY
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6ec150c0dd61740f-LHR
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://earnfreeltc.gq/
Origin
https://earnfreeltc.gq
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1670477
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10472
timing-allow-origin
*
last-modified
Wed, 13 Jan 2021 22:29:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fff7431-e7d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BuJOCAFHnN5SaiSWAUsUenQ%2ByrZXp7ERZ%2BR8CA5eaIV26FGmhgA5I6fzOcKH6Al2w0WNHfo39duLR8wMb07wC2etftLFhokbB4dNjkgQ%2Bl7dPG2rgOj4M0KvE95BE%2F9w4b%2B53XnZu5RxCJ6cPMaPkBc1"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ec150c0df4b067e-LHR
expires
Sun, 05 Mar 2023 01:01:00 GMT
base.css
earnfreeltc.gq/libs/css/
748 B
421 B
Stylesheet
General
Full URL
https://earnfreeltc.gq/libs/css/base.css
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.19.197 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
r213.lon1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
96d937266e197db610a6e47e75f3afe063b0795eb0559104696e89bf74c538cb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:00 GMT
content-encoding
br
last-modified
Sat, 04 Dec 2021 15:04:03 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
313
expires
Tue, 22 Mar 2022 01:01:00 GMT
muluken33.css
earnfreeltc.gq/libs/css/
481 B
247 B
Stylesheet
General
Full URL
https://earnfreeltc.gq/libs/css/muluken33.css
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.19.197 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
r213.lon1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
38d02513f9d05aff4dfabb80c52ff1ebde2121c3d36d9220839a6e420411ef7c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:00 GMT
content-encoding
br
last-modified
Sat, 04 Dec 2021 15:04:03 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
215
expires
Tue, 22 Mar 2022 01:01:00 GMT
non2.css
earnfreeltc.gq/libs/css/
268 B
174 B
Stylesheet
General
Full URL
https://earnfreeltc.gq/libs/css/non2.css
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.19.197 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
r213.lon1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
9d06ebf17ecd008d93560a00503c7fc28d98626bb3fa6753940328fdcfd404af

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:00 GMT
content-encoding
br
last-modified
Sat, 04 Dec 2021 15:04:03 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
142
expires
Tue, 22 Mar 2022 01:01:00 GMT
ltc.png
earnfreeltc.gq/images/
8 KB
8 KB
Image
General
Full URL
https://earnfreeltc.gq/images/ltc.png
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
206.189.19.197 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
r213.lon1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
660f278b2a3296b26b1f7c03cef134d736e10e2ab90eedfc0fa3c6d491cb2a1f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
last-modified
Sat, 04 Dec 2021 15:04:01 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8583
expires
Tue, 22 Mar 2022 01:01:01 GMT
bitcoin.png
earnfreeltc.gq/images/
4 KB
4 KB
Image
General
Full URL
https://earnfreeltc.gq/images/bitcoin.png
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
206.189.19.197 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
r213.lon1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
12bac3f45f1535bada74fa9b39e3e70b88d0991e1c5ba8c5bbfc8d4f6534b091

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
last-modified
Sat, 04 Dec 2021 15:04:01 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4517
expires
Tue, 22 Mar 2022 01:01:01 GMT
trx.webp
earnfreeltc.gq/images/
14 KB
14 KB
Image
General
Full URL
https://earnfreeltc.gq/images/trx.webp
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
206.189.19.197 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
r213.lon1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
61eab1d4003b3dd628d918947651f8432c9dafaa34481246de5f2b36b2bee00a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
last-modified
Sat, 04 Dec 2021 15:04:01 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
14274
expires
Tue, 22 Mar 2022 01:01:01 GMT
dogecoin.webp
earnfreeltc.gq/images/
8 KB
8 KB
Image
General
Full URL
https://earnfreeltc.gq/images/dogecoin.webp
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
206.189.19.197 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
r213.lon1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
12cdf34bdeaa0a84bcd0bb7be47519ad24905d66c3c8935c75ab39935e9ed922

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
last-modified
Sat, 04 Dec 2021 15:04:01 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8118
expires
Tue, 22 Mar 2022 01:01:01 GMT
0b05f50e38d77c6adbf11e8b6af54ebd.js
illegalprotected.com/0b/05/f5/
0
0
Script
General
Full URL
https://illegalprotected.com/0b/05/f5/0b05f50e38d77c6adbf11e8b6af54ebd.js
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 15 Mar 2022 01:01:01 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
f156f38ef3303dbe65c3d25738afdabe.js
illegalprotected.com/f1/56/f3/
0
0
Script
General
Full URL
https://illegalprotected.com/f1/56/f3/f156f38ef3303dbe65c3d25738afdabe.js
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 15 Mar 2022 01:01:01 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
net.js
static.surfe.pro/js/
4 KB
3 KB
Script
General
Full URL
https://static.surfe.pro/js/net.js
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
907106ff835026bd9f8f6fbf84342aafc70923664634d6afbcd4da37a7dc964d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 10 Mar 2022 16:06:12 GMT
server
cloudflare
age
3184
etag
W/"622a21f4-11a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3i3RIloMuSgKivsHJbSGGHt%2BHWlflZoUmYGgG80D2fLq%2FnbGxdl83H7ZNdp7F8%2BWN6XpKQaLLdtT0S3bFbHyzxWH0KSPisP45qpGHFiW3IucxToFV0sR4r58CgyTtXq6BOmQmehPrJfkgsaGxOD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ec150c1ded971a5-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1150264
adhitzads.com/
448 B
842 B
Script
General
Full URL
https://adhitzads.com/1150264
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dab0162a9e214fefb3189806d30db7c200a96cc6a9ffb7c9e03bd4d05927caa3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMG%2Fr5nkO1GgwmQ8%2FNi0a53WKPEpxSSUAxdeMA6T9sRLE4MmwBNLCYmemq%2FAa6YuMTc6jU0sR9fOQ3lMFuZxvDAatxG30RAXM6J9QrZE6RyNFCsTZxh%2FW5XcJ8sodxZm"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=3600, public
cf-ray
6ec150c1ebc873fb-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 15 Mar 2022 02:01:01 GMT
api.js
www.google.com/recaptcha/
850 B
966 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
efe60d3132396e59045e15ed5c74035c98ac27b363af49041b12706746af8b52
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
553
x-xss-protection
1; mode=block
expires
Tue, 15 Mar 2022 01:01:01 GMT
invoke.js
illegalprotected.com/afd15ca3f93b6450222f339f84a542e3/
0
0
Script
General
Full URL
https://illegalprotected.com/afd15ca3f93b6450222f339f84a542e3/invoke.js
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 15 Mar 2022 01:01:01 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://earnfreeltc.gq/
Origin
https://earnfreeltc.gq
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d84"
vary
Accept-Encoding
x-hw
1647306061.dop122.am5.t,1647306061.cds282.am5.hn,1647306061.cds203.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/
82 KB
23 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://earnfreeltc.gq/
Origin
https://earnfreeltc.gq
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12098
x-jsd-version
4.6.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19158-FRA, cache-lcy19252-LCY
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6ec150c19afc768f-LHR
show_ads.js
earnfreeltc.gq/libs/
23 B
290 B
Script
General
Full URL
https://earnfreeltc.gq/libs/show_ads.js
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
206.189.19.197 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
r213.lon1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
ae8733fbaff642fc86c871273af6a0430ca67d764e4169c5a38c6fd66fbf8169

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
last-modified
Sat, 04 Dec 2021 15:04:03 GMT
server
LiteSpeed
vary
User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
23
expires
Tue, 22 Mar 2022 01:01:01 GMT
invoke.js
illegalprotected.com/9f8289f5d568111840dffb0698a677ad/
0
0
Script
General
Full URL
https://illegalprotected.com/9f8289f5d568111840dffb0698a677ad/invoke.js
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://earnfreeltc.gq/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 15 Mar 2022 01:01:01 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
id
surfe.pro/net/
17 B
349 B
XHR
General
Full URL
https://surfe.pro/net/id
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.108.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.108.201.195.clients.your-server.de
Software
nginx /
Resource Hash
ad88fedfd3107ae4c5052b12da61327dc822b1658597fb3cfcc3fa591d2e1708

Request headers

Referer
https://earnfreeltc.gq/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://earnfreeltc.gq
access-control-allow-credentials
true
the-rule
surfe.pro
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
speed-02
main-t-new - 0.0018391609191895
teaser
surfe.pro/net/
0
419 B
XHR
General
Full URL
https://surfe.pro/net/teaser?sid=298250&w=1140&seed=6361432865439804&doc_ref=&href=aHR0cHM6Ly9lYXJuZnJlZWx0Yy5ncS8=
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.108.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.108.201.195.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://earnfreeltc.gq/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
content-encoding
gzip
server
nginx
speed-04
site-notfound - 0.011672019958496
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://earnfreeltc.gq
sb-error
Too many requests
access-control-allow-credentials
true
speed-03
site-inited-view - 0.011667013168335
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
speed-02
preload - 0.0015559196472168
the-rule
surfe.pro
/
p3.adhitzads.com/
649 B
666 B
Script
General
Full URL
https://p3.adhitzads.com/?z=1150264&p=566676683&l=https%3A//earnfreeltc.gq/&c=1
Requested by
Host: adhitzads.com
URL: https://adhitzads.com/1150264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
c3479de6e2d495f4e6bf5ba21438040a09ba2d7078212a27ae464ad7958986ed

Request headers

Referer
https://earnfreeltc.gq/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Tue, 15 Mar 2022 01:01:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZGSFOT73fnUGFbIXmLW3EM1O9eMp4Hml%2FZRYQWfncmXPLYhtn61rPlcds%2FLIF6IV5LpSm5efKMl6hRGH7i1tCam3GOti3BE%2F%2FymWG%2FE2EcromKIZPQjN2kSXjI6%2BhRq%2BEDX"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6ec150c4dda473fb-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 26 Jul 1997 05:00:00 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/
78 KB
79 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Origin
https://earnfreeltc.gq
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1043249
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80252
timing-allow-origin
*
last-modified
Wed, 13 Jan 2021 22:29:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fff7432-1397c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GviHf4KDTCDUHGwtAH1Pxb4UhbG3DTSJXGYYCWW9Y8q51SeYgw5AorJZHByxNheWSu3HkYRkGh6BDdQPhiolz%2FmSvaoOl3EUzcFScKFDiCKo3vI2iZKrblv5kpb0NBGDf%2Bw6ASSUKziG6tVddhM2edv5"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ec150c51b91777f-LHR
expires
Sun, 05 Mar 2023 01:01:01 GMT
622fe54d91d82914539216gearnfreeltc.gq216120
p3.adhitzads.com/ Frame 7791
2 KB
2 KB
Document
General
Full URL
https://p3.adhitzads.com/622fe54d91d82914539216gearnfreeltc.gq216120
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/?z=1150264&p=566676683&l=https%3A//earnfreeltc.gq/&c=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb43715c75aab2b5a8b0e53a371fe5e708d20c0a05279e7d98cc1be7583c2004

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
content-type
text/html; charset=UTF-8
expires
Tue, 15 Mar 2022 01:31:01 GMT
cache-control
max-age=1800 private
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEWEuszNauNKs%2FcvXuG5wzB7hpcHTZbD2okUjJ8Df8tRqBz9uAGQx8iebDwMvAkwQIzBzU5S%2F%2F4UAdIpO0708duSH%2FfV2iHBjiSiD0kN9lbXSD8a4J%2BvKL67n4uGsUEr63Qe"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ec150c5acc97511-LHR
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43893b9e5ed2579114eca7884aa381a94751271e53f97904e82783d99b1ee286

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
/
p3.adhitzads.com/
649 B
882 B
Script
General
Full URL
https://p3.adhitzads.com/?z=1150264&p=566676683&l=https%3A//earnfreeltc.gq/&c=2
Requested by
Host: adhitzads.com
URL: https://adhitzads.com/1150264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
56ab053c701ad6b54143002cff7fa46354eeb9b4a9c00902b95c9450abafb111

Request headers

Referer
https://earnfreeltc.gq/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Tue, 15 Mar 2022 01:01:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fi5qMYiGGeA1cNApmhSvWLsxLGjMa9wLVXZFIoijsJZFEMR7kqPDZhwqa7BBHojb4ZLIjwnbAthucLN%2Fy1jZ7so9nvN%2FwbhdX%2BiKyO%2Fj4wlbFC6uz7pyKE1d6t3DfiXWgr3b"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6ec150c5acca7511-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 26 Jul 1997 05:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/
357 KB
141 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb94e5ee3cf4cc864f0afd05660956b94cf3f42232c7ac5e119924713c294ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://earnfreeltc.gq/
Origin
https://earnfreeltc.gq
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 08:20:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143659
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 08:20:39 GMT
622fe54db4ccb928779113gearnfreeltc.gq216120
p3.adhitzads.com/ Frame CB28
2 KB
2 KB
Document
General
Full URL
https://p3.adhitzads.com/622fe54db4ccb928779113gearnfreeltc.gq216120
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/?z=1150264&p=566676683&l=https%3A//earnfreeltc.gq/&c=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fa7af7eec8f793229af7c153c4be5384d51d4e37589c3800680f7dd519667db

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
content-type
text/html; charset=UTF-8
expires
Tue, 15 Mar 2022 01:31:01 GMT
cache-control
max-age=1800 private
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JNlxVMjAs94Ls0phzvKIcCfZUFN8o9Al8FDnTdvpIAp%2BCJ51h2YkfKiCsaVFjsAVWQrI4QVKj0aEkUcmzInI%2F519vMmc3OpWZSaVg3rkzyk7T7%2BFUSASNK4VnjA%2FxHqStXP"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ec150c64d717511-LHR
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
teaser
surfe.pro/net/
0
420 B
XHR
General
Full URL
https://surfe.pro/net/teaser?sid=298252&w=0&seed=31365702456804256&doc_ref=&href=aHR0cHM6Ly9lYXJuZnJlZWx0Yy5ncS8=
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.108.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.108.201.195.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://earnfreeltc.gq/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
content-encoding
gzip
server
nginx
speed-04
site-notfound - 0.0099408626556396
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://earnfreeltc.gq
sb-error
Too many requests
access-control-allow-credentials
true
speed-03
site-inited-view - 0.0099380016326904
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
speed-02
preload - 0.0018908977508545
the-rule
surfe.pro
teaser
surfe.pro/net/
0
419 B
XHR
General
Full URL
https://surfe.pro/net/teaser?sid=298251&w=1140&seed=696154804773103&doc_ref=&href=aHR0cHM6Ly9lYXJuZnJlZWx0Yy5ncS8=
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.108.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.108.201.195.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://earnfreeltc.gq/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
content-encoding
gzip
server
nginx
speed-04
site-notfound - 0.0087149143218994
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://earnfreeltc.gq
sb-error
Too many requests
access-control-allow-credentials
true
speed-03
site-inited-view - 0.0087108612060547
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
speed-02
preload - 0.002079963684082
the-rule
surfe.pro
invoke.js
illegalprotected.com/8cc1b6da16d3c3a17edc33dedcb245d8/
0
0
Script
General
Full URL
https://illegalprotected.com/8cc1b6da16d3c3a17edc33dedcb245d8/invoke.js
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://earnfreeltc.gq/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 15 Mar 2022 01:01:01 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
1PPSUHdoqwjL2VWcj6xyFKbKzkU.js
p3.adhitzads.com/cdn-cgi/apps/head/ Frame 7791
25 KB
9 KB
Script
General
Full URL
https://p3.adhitzads.com/cdn-cgi/apps/head/1PPSUHdoqwjL2VWcj6xyFKbKzkU.js
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/622fe54d91d82914539216gearnfreeltc.gq216120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
065a05d12986a9e31fba40f27204e3d048315acb63e4f70b2cc7d44a6f80df3f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://p3.adhitzads.com/622fe54d91d82914539216gearnfreeltc.gq216120
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9796060
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
4FFCV0Y6R13S47C7
x-amz-id-2
ulAgBneS5ByYsZVourTTMINFI3qAP/bnlmQ3Ltxda6glG4/N7I2pUoeWwWPb8GSjSOW/Oyq5jmM=
last-modified
Sat, 21 Aug 2021 07:52:28 GMT
server
cloudflare
etag
W/"0efa17b3260a0b776ab28207ab5cc303"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3uPkyhFG80tE2EWCt55qYozbGsnSv7OcisBJT%2FXwIL4rZ2Kp5ZTDiVRU4oWyXKxYctjRmLnFWyPy0tg9Eu7z73QXCWkve3%2FYGUtINvuVjooBgAf9o6u2hp8J%2FoeKtExSk8D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
HIlLEqrgQhxtvnqNOJO.wJAtVe0RPRw5
cf-ray
6ec150c66d8b7511-LHR
invisible.js
p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 7791
45 KB
16 KB
Script
General
Full URL
https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1647306000
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/622fe54d91d82914539216gearnfreeltc.gq216120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a822ece7541a3bf9c6886f407c875bd574681882e9e39b81e8cb5391efd9c4ad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://p3.adhitzads.com/622fe54d91d82914539216gearnfreeltc.gq216120
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8w9X6zxO9nKJyBBi%2F534fScXgnVyRzP%2F8xUqheWy%2BjUdn2nFnQfiYc2N%2BeUxaP9ld3JcGUeaLW%2Bk5JgiDp%2FYmqoBMsRu6WbcRuaWRBdyJgE4H5XYlhitlB2LN9PEoaLs9kMF"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6ec150c66d8d7511-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1PPSUHdoqwjL2VWcj6xyFKbKzkU.js
p3.adhitzads.com/cdn-cgi/apps/head/ Frame CB28
25 KB
9 KB
Script
General
Full URL
https://p3.adhitzads.com/cdn-cgi/apps/head/1PPSUHdoqwjL2VWcj6xyFKbKzkU.js
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/622fe54db4ccb928779113gearnfreeltc.gq216120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
065a05d12986a9e31fba40f27204e3d048315acb63e4f70b2cc7d44a6f80df3f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://p3.adhitzads.com/622fe54db4ccb928779113gearnfreeltc.gq216120
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9796060
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
4FFCV0Y6R13S47C7
x-amz-id-2
ulAgBneS5ByYsZVourTTMINFI3qAP/bnlmQ3Ltxda6glG4/N7I2pUoeWwWPb8GSjSOW/Oyq5jmM=
last-modified
Sat, 21 Aug 2021 07:52:28 GMT
server
cloudflare
etag
W/"0efa17b3260a0b776ab28207ab5cc303"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QoHNDblH0rIyZOVD95HuhvITl3zpAt0n767ExiIZOB3O6noTu%2BLBWexsa0s70ogfNKdXzr1APE12%2BWN%2BiQuL1lvzSDaeCFc5nmO5RoHEsfKQnF93dLCMdb3rVcSYlnGpBjgM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
HIlLEqrgQhxtvnqNOJO.wJAtVe0RPRw5
cf-ray
6ec150c6cdd57511-LHR
invisible.js
p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame CB28
42 KB
15 KB
Script
General
Full URL
https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1647306000
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/622fe54db4ccb928779113gearnfreeltc.gq216120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5247592297f38dca9ea55b60e894a436fe0f5ed86c14a09c8c0c90d76270b135

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://p3.adhitzads.com/622fe54db4ccb928779113gearnfreeltc.gq216120
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jruR4ApRyKeJdGaDi6pGsTJbOYKmPiIZUtqsx0FZoB1o7LGLk3n7A%2F5p0ws5CUNNZjvZbxyAemMb6yJlNhb0qBcLu6cWhl3BidpxYVsYdmTRfyz1yLu%2FDvZpKT9GpS6qdnar"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6ec150c6cdd77511-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ Frame 7791
984 B
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
654054d57d0184c0f925aa8890f206bf4432243ff8a971700b55217eccbe4e3d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
1645457183img_ad_cmp_437014.jpg
p3.adhitzads.com/s/ad_files/ Frame 7791
56 KB
57 KB
Image
General
Full URL
https://p3.adhitzads.com/s/ad_files/1645457183img_ad_cmp_437014.jpg
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/622fe54d91d82914539216gearnfreeltc.gq216120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
991188c4d5fd2bb3905c8ce11469d4c0be04b469ffded026eb89ba83fc35ab68

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://p3.adhitzads.com/622fe54d91d82914539216gearnfreeltc.gq216120
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
745506
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
57273
last-modified
Mon, 21 Feb 2022 15:26:23 GMT
server
cloudflare
etag
"6213af1f-dfb9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BCuIy8SWxi5Xom87jVX%2F9kXbvrTRSZiKjYZTLggPEHl0FgfZ5xvMP0NzIjnmN%2FECA1cKRc530kYCnhAe9AC%2BMI14ks5yWqUuSClGRO83j6jKIkk6cIEN1UMAsDiPlch4%2Bxt"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6ec150c6cdde7511-LHR
expires
Tue, 05 Apr 2022 09:55:55 GMT
bannerslink.png
p3.adhitzads.com/s/ Frame 7791
1 KB
2 KB
Image
General
Full URL
https://p3.adhitzads.com/s/bannerslink.png
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/622fe54d91d82914539216gearnfreeltc.gq216120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c97c6711a3842ff47e9255b0d954eef44acb0ae4625ca9180e3f5bcde4f0f8b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://p3.adhitzads.com/622fe54d91d82914539216gearnfreeltc.gq216120
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1982237
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1323
last-modified
Thu, 20 May 2010 21:29:39 GMT
server
cloudflare
etag
"4bf5a9c3-52b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVn7tHwuB2xzy4Twz6Dzk42T7ivWWnUFFDXhNFM6M4RdzcNFlRo23yVrgb0KaakNvXAwGKHFlv%2FvDe9Aj9hbnQU78B4iRHZhdy4qly5k2XROnCcU1NqV8FKxk4E5Abt9TIVC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6ec150c6cddf7511-LHR
expires
Tue, 22 Mar 2022 02:23:44 GMT
pica.js
p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 7791
22 KB
8 KB
Other
General
Full URL
https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/622fe54d91d82914539216gearnfreeltc.gq216120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef83461bdff0f1eaa2ca091c6e30e4a6382e6e5b2024a754b4d24ebb7698563a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://p3.adhitzads.com/622fe54d91d82914539216gearnfreeltc.gq216120
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCE%2F0x9nLD8233FQlPNBOyBEoKh34H2E%2B1o2gsmRr6MiXohjAWMHKPjei1Vq5gLL6M8tHGUshLRKnFKrL%2BCuOvxCquU96fBJTnwHId0dHk3cf1nplwgMEKPRTQF8JTEPLvyb"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6ec150c70e0a7511-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
teaser
surfe.pro/net/
0
420 B
XHR
General
Full URL
https://surfe.pro/net/teaser?sid=298251&w=1140&seed=8759493838345604&doc_ref=&href=aHR0cHM6Ly9lYXJuZnJlZWx0Yy5ncS8=
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.108.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.108.201.195.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://earnfreeltc.gq/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Mar 2022 01:01:01 GMT
content-encoding
gzip
server
nginx
speed-04
site-notfound - 0.0078251361846924
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://earnfreeltc.gq
sb-error
Too many requests
access-control-allow-credentials
true
speed-03
site-inited-view - 0.0078201293945312
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
speed-02
preload - 0.0016441345214844
the-rule
surfe.pro
invoke.js
illegalprotected.com/8cc1b6da16d3c3a17edc33dedcb245d8/
0
0
Script
General
Full URL
https://illegalprotected.com/8cc1b6da16d3c3a17edc33dedcb245d8/invoke.js
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://earnfreeltc.gq/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 15 Mar 2022 01:01:02 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
truncated
/ Frame CB28
984 B
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
654054d57d0184c0f925aa8890f206bf4432243ff8a971700b55217eccbe4e3d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
1646348126img_ad_cmp_437551.jpg
p3.adhitzads.com/s/ad_files/ Frame CB28
9 KB
10 KB
Image
General
Full URL
https://p3.adhitzads.com/s/ad_files/1646348126img_ad_cmp_437551.jpg
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/622fe54db4ccb928779113gearnfreeltc.gq216120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b3faf07047b9d5759f58a469c3bab623144c7c6c27ed0abc0011365a13b39b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://p3.adhitzads.com/622fe54db4ccb928779113gearnfreeltc.gq216120
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
948713
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9649
last-modified
Thu, 03 Mar 2022 22:55:26 GMT
server
cloudflare
etag
"6221475e-25b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SRbgxSTMtG%2FqzFAes1r2Utg0ba5J%2ByD1c92crBomczLb8C5MHyZaNzopBDacagktoRBxFtvHiLYKCQi9TOqCRyMYfeS1%2FUxY89uMQJjR9OSBMaP3an5yfrrDFywWPWWF%2B9k"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6ec150c79e817511-LHR
expires
Sun, 03 Apr 2022 01:29:09 GMT
pica.js
p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame CB28
23 KB
8 KB
Other
General
Full URL
https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/622fe54db4ccb928779113gearnfreeltc.gq216120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b89125b87b1f9058363fb8830faddc4bd99186072e6bf32fc27e8cfc0eabb52c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://p3.adhitzads.com/622fe54db4ccb928779113gearnfreeltc.gq216120
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:02 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TE5Vjp0ZZ1FE7a4kkNxI71nGOzFGAFmBYUFsAuhhZTspBxNyKtNifD4O6sYDaxKpreWtewvJvXtTZz67uz2a5tHtaya8t9be6pfbamADobP69K4h9QArqqbNV7N5dEDHvNHh"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6ec150c79e867511-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
teaser
surfe.pro/net/
0
420 B
XHR
General
Full URL
https://surfe.pro/net/teaser?sid=298251&w=1140&seed=30623162589408914&doc_ref=&href=aHR0cHM6Ly9lYXJuZnJlZWx0Yy5ncS8=
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.108.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.108.201.195.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://earnfreeltc.gq/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Mar 2022 01:01:02 GMT
content-encoding
gzip
server
nginx
speed-04
site-notfound - 0.0096988677978516
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://earnfreeltc.gq
sb-error
Too many requests
access-control-allow-credentials
true
speed-03
site-inited-view - 0.0096960067749023
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
speed-02
preload - 0.00142502784729
the-rule
surfe.pro
invoke.js
illegalprotected.com/8cc1b6da16d3c3a17edc33dedcb245d8/
0
0
Script
General
Full URL
https://illegalprotected.com/8cc1b6da16d3c3a17edc33dedcb245d8/invoke.js
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://earnfreeltc.gq/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 15 Mar 2022 01:01:02 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
6ec150c64d717511
p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame CB28
2 B
683 B
XHR
General
Full URL
https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/cv/result/6ec150c64d717511
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1647306000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://p3.adhitzads.com/622fe54db4ccb928779113gearnfreeltc.gq216120
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Mar 2022 01:01:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ec150c99ffa7511-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5IOCfKBoqoblB9KnbjhfPvbdpYNnEe%2FcbZA4Bjd6%2F0jgKl1v4GVlumjcSR60f%2BKsyEf0BlxDK8XaPD2j1BNL3afOKABh%2FS7Jcf03dAlb%2BQw1P2Qe6yBo7C2pvmx2uvI%2Bx6m"}],"group":"cf-nel","max_age":604800}
6ec150c5acc97511
p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 7791
2 B
677 B
XHR
General
Full URL
https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/cv/result/6ec150c5acc97511
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1647306000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://p3.adhitzads.com/622fe54d91d82914539216gearnfreeltc.gq216120
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Mar 2022 01:01:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ec150ca88af7511-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mt95em32R0JQs5ZftViYB38aiw%2FrzB1jvGiTmrdUN%2BDINbRH1R8X8hZqP2E8okMTPgik2jjHJBKDrzD9TGV6dfHIgzUGYLUfR61wqE8vkLEy7Dx1ectLuv1bN82QtRneMGro"}],"group":"cf-nel","max_age":604800}
anchor
www.google.com/recaptcha/api2/ Frame 085C
43 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeiAu4dAAAAAN1xvX2kleY0ij8oFG_z5660wLpb&co=aHR0cHM6Ly9lYXJuZnJlZWx0Yy5ncTo0NDM.&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=normal&cb=u004yw48j7u3
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
604dbedf6321fb32d86b86b7f34aaadabaad6922e2ae73bb5178c71d491734e4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6vnC9PMfap41TDMljDp0Yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 15 Mar 2022 01:01:02 GMT
content-security-policy
script-src 'report-sample' 'nonce-6vnC9PMfap41TDMljDp0Yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
22535
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2fc2fd28fb081fef9ab263d862bb1c1fa4cbf2b2ca83d2fe3e43d4c1deafa659

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46eba25da7e3af1f46bdfdc91ecb2db58f551a14e3acdae78610debaaff93dc0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e627db70b4bd4820e3827881ae859fecd41fc204e913fc30eb600ac8f4448e5a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48d944ab93e12ffc5e006b51d066f7fbe422cb425870ae8e7ee0cd1d715817d8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
styles__ltr.css
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ Frame 085C
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeiAu4dAAAAAN1xvX2kleY0ij8oFG_z5660wLpb&co=aHR0cHM6Ly9lYXJuZnJlZWx0Yy5ncTo0NDM.&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=normal&cb=u004yw48j7u3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 16:53:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29247
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 16:53:36 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ Frame 085C
357 KB
140 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeiAu4dAAAAAN1xvX2kleY0ij8oFG_z5660wLpb&co=aHR0cHM6Ly9lYXJuZnJlZWx0Yy5ncTo0NDM.&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=normal&cb=u004yw48j7u3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb94e5ee3cf4cc864f0afd05660956b94cf3f42232c7ac5e119924713c294ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 08:20:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143659
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 08:20:39 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 085C
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=85AXn53af-oJBEtL2o2WpAjZ
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeiAu4dAAAAAN1xvX2kleY0ij8oFG_z5660wLpb&co=aHR0cHM6Ly9lYXJuZnJlZWx0Yy5ncTo0NDM.&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=normal&cb=u004yw48j7u3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e9707e0f26dd47c5a91ff3582091109a33aeeb6eac0253ed617fb58bc0be7039
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeiAu4dAAAAAN1xvX2kleY0ij8oFG_z5660wLpb&co=aHR0cHM6Ly9lYXJuZnJlZWx0Yy5ncTo0NDM.&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=normal&cb=u004yw48j7u3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 15 Mar 2022 01:01:03 GMT
next.js
earnfreeltc.gq/
89 KB
60 KB
Script
General
Full URL
https://earnfreeltc.gq/next.js
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
206.189.19.197 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
r213.lon1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
40210c3e6699b543ce899a3eca6f2b66404ac53d728a626549557a92c1c59561

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:03 GMT
content-encoding
br
last-modified
Sat, 04 Dec 2021 15:04:01 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
61011
expires
Tue, 22 Mar 2022 01:01:03 GMT
bframe
www.google.com/recaptcha/api2/ Frame 6662
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&k=6LeiAu4dAAAAAN1xvX2kleY0ij8oFG_z5660wLpb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
76005f7caa7151336d83e9b32734535776b4aa4dc370c9e001a49b51bd7fb1eb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-k8rp6Za4ElBg26dlB/8fEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 15 Mar 2022 01:01:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-k8rp6Za4ElBg26dlB/8fEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1108
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
152 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: earnfreeltc.gq
URL: https://earnfreeltc.gq/next.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1f34cc03208c1aef12cef83d542694369e30ff440dc2fa38530d0c6aae50dc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 01:01:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53721
x-xss-protection
0
server
cafe
etag
1961387021321701853
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 15 Mar 2022 01:01:03 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ Frame 6662
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&k=6LeiAu4dAAAAAN1xvX2kleY0ij8oFG_z5660wLpb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 16:53:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29247
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 16:53:36 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ Frame 6662
357 KB
140 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&k=6LeiAu4dAAAAAN1xvX2kleY0ij8oFG_z5660wLpb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb94e5ee3cf4cc864f0afd05660956b94cf3f42232c7ac5e119924713c294ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 08:20:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143659
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 08:20:39 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/ Frame 1BB9
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://earnfreeltc.gq/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Mon, 14 Mar 2022 23:41:54 GMT
expires
Mon, 28 Mar 2022 23:41:54 GMT
cache-control
public, max-age=1209600
age
4749
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
object| 5
function| structuredClone
object| oncontextlost
object| oncontextrestored
function| downloadJSAtOnload
object| atOptions
object| adsurfebe
number| _adhtz
number| _adhtx
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
function| $
function| jQuery
object| bootstrap
boolean| show_ads_gr8_lite
object| closure_lm_237735
object| googletag
object| google_js_reporting_queue
number| google_srt
object| google_logging_queue
number| tmod
object| google_ad_modifications
object| ggeac
object| google_persistent_state_async
boolean| google_measure_js_timing
object| google_reactive_ads_global_state
boolean| _gfp_a_
object| adsbygoogle
string| google_user_agent_client_hint

2 Cookies

Domain/Path Name / Value
earnfreeltc.gq/ Name: PHPSESSID
Value: 41510ab0eb4d9f9d630e7e6b501e93c9
.adhitzads.com/ Name: __cf_bm
Value: owzzy76L3kD3sON6_fQ8fMJlBiPQA5tT_TB9Od4QZzU-1647306062-0-ATlDgJDiiL2ap/DvolmWMt8GP4BDB6S5wo2+I/9VlbzGnCf7H9TsoLkbMYDuIpBA2TVzeyAJYRR8bb1BrEMW37FF86CRkzgdRZ8WgghHvm9XFn6xejmoH+HV7ZJf9dpqNQ==

19 Console Messages

Source Level URL
Text
network error URL: https://illegalprotected.com/0b/05/f5/0b05f50e38d77c6adbf11e8b6af54ebd.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://illegalprotected.com/afd15ca3f93b6450222f339f84a542e3/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://illegalprotected.com/f1/56/f3/f156f38ef3303dbe65c3d25738afdabe.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://earnfreeltc.gq/(Line 112)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://illegalprotected.com/9f8289f5d568111840dffb0698a677ad/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://earnfreeltc.gq/(Line 112)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://illegalprotected.com/9f8289f5d568111840dffb0698a677ad/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://illegalprotected.com/9f8289f5d568111840dffb0698a677ad/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://adhitzads.com/1150264
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://p3.adhitzads.com/?z=1150264&p=566676683&l=https%3A//earnfreeltc.gq/&c=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://adhitzads.com/1150264
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://p3.adhitzads.com/?z=1150264&p=566676683&l=https%3A//earnfreeltc.gq/&c=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://adhitzads.com/1150264
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://p3.adhitzads.com/?z=1150264&p=566676683&l=https%3A//earnfreeltc.gq/&c=2, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://adhitzads.com/1150264
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://p3.adhitzads.com/?z=1150264&p=566676683&l=https%3A//earnfreeltc.gq/&c=2, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://earnfreeltc.gq/(Line 223)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://illegalprotected.com/8cc1b6da16d3c3a17edc33dedcb245d8/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://earnfreeltc.gq/(Line 223)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://illegalprotected.com/8cc1b6da16d3c3a17edc33dedcb245d8/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://illegalprotected.com/8cc1b6da16d3c3a17edc33dedcb245d8/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://earnfreeltc.gq/(Line 238)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://illegalprotected.com/8cc1b6da16d3c3a17edc33dedcb245d8/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://earnfreeltc.gq/(Line 238)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://illegalprotected.com/8cc1b6da16d3c3a17edc33dedcb245d8/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://illegalprotected.com/8cc1b6da16d3c3a17edc33dedcb245d8/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://earnfreeltc.gq/(Line 253)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://illegalprotected.com/8cc1b6da16d3c3a17edc33dedcb245d8/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://earnfreeltc.gq/(Line 253)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://illegalprotected.com/8cc1b6da16d3c3a17edc33dedcb245d8/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://illegalprotected.com/8cc1b6da16d3c3a17edc33dedcb245d8/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
