urlscan.io logo urlscan.io
SecurityTrails logo

www.freehosting.com Open in urlscan Pro
2606:4700:3032::ac43:c8f7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
Effective URL: https://www.freehosting.com/client/clientarea.php
Submission Tags: phishing malicious Search All
Submission: On October 13 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 31 HTTP transactions. The main IP is 2606:4700:3032::ac43:c8f7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.freehosting.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 25th 2020. Valid for: a year.
This is the only time www.freehosting.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    195.201.179.80 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: free-hosting-clients.freehosting.com
paypal-confirm-account-information.com.preview.services
20    2606:4700:3032::ac43:c8f7 (United States)

ASN13335 (CLOUDFLARENET, US)
www.freehosting.com
2    2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2606:4700::6810:262f (United States)

ASN13335 (CLOUDFLARENET, US)
device.maxmind.com
1    2606:4700::6812:1a12 (United States)

ASN13335 (CLOUDFLARENET, US)
d-ipv6.mmapiws.com
1    104.19.146.54 (United States)

ASN13335 (CLOUDFLARENET, US)
d-ipv4.mmapiws.com
Domain Requested by
20 www.freehosting.com 2 redirects paypal-confirm-account-information.com.preview.services
www.freehosting.com
5 fonts.gstatic.com fonts.googleapis.com
2 ssl.google-analytics.com 1 redirects www.freehosting.com
2 fonts.googleapis.com paypal-confirm-account-information.com.preview.services
www.freehosting.com
1 d-ipv4.mmapiws.com device.maxmind.com
1 d-ipv6.mmapiws.com device.maxmind.com
1 device.maxmind.com www.freehosting.com
1 www.google.de www.freehosting.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 paypal-confirm-account-information.com.preview.services
31 11

This site contains links to these domains. Also see Links.

Domain
www.freehosting.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-06-25 -
2021-06-25		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.maxmind.com
COMODO RSA Organization Validation Secure Server CA		 2018-10-15 -
2020-11-06		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://www.freehosting.com/client/clientarea.php
Frame ID: 3A07EA35AA94713B0CA7D43CEA4C28E7
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php Page URL
  2. https://www.freehosting.com/client/logout.php HTTP 302
    https://www.freehosting.com/client/index.php HTTP 302
    https://www.freehosting.com/client/clientarea.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

31
Requests

97 %
HTTPS

82 %
IPv6

10
Domains

11
Subdomains

9
IPs

3
Countries

1669 kB
Transfer

2862 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php Page URL
  2. https://www.freehosting.com/client/logout.php HTTP 302
    https://www.freehosting.com/client/index.php HTTP 302
    https://www.freehosting.com/client/clientarea.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=840936255&utmhn=www.freehosting.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Client%20Area%20-%20FreeHosting.com&utmhid=1273446448&utmr=http%3A%2F%2Fpaypal-confirm-account-information.com.preview.services%2FPaypal90%2Fget_started%2Fbilling.php&utmp=%2Fclient%2Fclientarea.php&utmht=1602562684725&utmac=UA-12514117-10&utmcc=__utma%3D71999765.444803375.1602562685.1602562685.1602562685.1%3B%2B__utmz%3D71999765.1602562685.1.1.utmcsr%3Dpaypal-confirm-account-information.com.preview.services%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2FPaypal90%2Fget_started%2Fbilling.php%3B&utmjid=1716019836&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12514117-10&cid=444803375.1602562685&jid=1716019836&_v=5.7.2&z=840936255 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12514117-10&cid=444803375.1602562685&jid=1716019836&_v=5.7.2&z=840936255 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12514117-10&cid=444803375.1602562685&jid=1716019836&_v=5.7.2&z=840936255&slf_rd=1&random=1942896683

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
billing.php
paypal-confirm-account-information.com.preview.services/Paypal90/get_started/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
Protocol
HTTP/1.1
Server
195.201.179.80 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
free-hosting-clients.freehosting.com
Software
nginx/1.17.8 /
Resource Hash
8ea95775ae841839f16037b1068f6da01f83363ce0590e42398eee29b39f62b3

Request headers

Host
paypal-confirm-account-information.com.preview.services
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx/1.17.8
Date
Tue, 13 Oct 2020 04:17:33 GMT
Content-Type
text/html
Last-Modified
Thu, 18 Apr 2019 14:42:07 GMT
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5cb88cbf-cc5"
Content-Encoding
gzip
iconsmind.css
www.freehosting.com/css/ 		80 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.freehosting.com/css/iconsmind.css
Requested by
Host: paypal-confirm-account-information.com.preview.services
URL: http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c8f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38391d0c01d7fee8c61a80c9b507ef05d0cb76876a42feebded8b06905015d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 04:17:34 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4680869
cf-polished
origSize=96447
status
200
cf-request-id
05c1c6973d000005bf0b9e1200000001
expires
Fri, 20 Aug 2021 00:03:05 GMT
last-modified
Fri, 16 Feb 2018 07:55:48 GMT
server
cloudflare
etag
W/"178bf-5654fac1da900-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602562654"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
cf-ray
5e16406b9fbd05bf-FRA
cf-bgj
minify
bootstrap.css
www.freehosting.com/css/ 		68 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.freehosting.com/css/bootstrap.css
Requested by
Host: paypal-confirm-account-information.com.preview.services
URL: http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c8f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
580645620fd71893e8d59820a85e3c69bad36cc10db7a29e1967c7f745071f27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 04:17:34 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
10037202
cf-polished
origSize=88774
status
200
cf-request-id
05c1c6973d000005bf0b9e2200000001
expires
Sat, 19 Jun 2021 00:10:52 GMT
last-modified
Fri, 16 Feb 2018 07:55:48 GMT
server
cloudflare
etag
W/"15ac6-5654fac1da900-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602562654"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
cf-ray
5e16406b9fc005bf-FRA
cf-bgj
minify
stack-interface.css
www.freehosting.com/css/ 		2 KB
623 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.freehosting.com/css/stack-interface.css
Requested by
Host: paypal-confirm-account-information.com.preview.services
URL: http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c8f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc3e1c7f25f8898edf9bba53c1cf0730271371e373bdd4dad4535cecedf85ba3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 04:17:34 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
11604884
cf-polished
origSize=3082
status
200
cf-request-id
05c1c6973d000005bf0b9e3200000001
expires
Mon, 31 May 2021 20:42:50 GMT
last-modified
Fri, 16 Feb 2018 07:55:48 GMT
server
cloudflare
etag
W/"c0a-5654fac1da900-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602562654"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
cf-ray
5e16406b9fc205bf-FRA
cf-bgj
minify
theme.css
www.freehosting.com/css/ 		159 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.freehosting.com/css/theme.css
Requested by
Host: paypal-confirm-account-information.com.preview.services
URL: http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c8f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a794b06d853fa232b1db1713f3a141d725a54386595f80e4e80a654a3e77cf7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 04:17:34 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2934532
cf-polished
origSize=197746
status
200
cf-request-id
05c1c6973d000005bf0b9e4200000001
expires
Thu, 09 Sep 2021 05:08:42 GMT
last-modified
Thu, 20 Dec 2018 23:11:21 GMT
server
cloudflare
etag
W/"30472-57d7c3fb12baf-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602562654"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
cf-ray
5e16406b9fc305bf-FRA
cf-bgj
minify
custom.css
www.freehosting.com/css/ 		0
129 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.freehosting.com/css/custom.css
Requested by
Host: paypal-confirm-account-information.com.preview.services
URL: http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c8f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 04:17:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
11604884
cf-polished
origSize=1
status
200
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
1; mode=block
last-modified
Mon, 17 Dec 2018 22:03:26 GMT
server
cloudflare
etag
"1-57d3ef341a08d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602562654"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Mon, 31 May 2021 20:42:50 GMT
cache-control
max-age=31536000
cf-request-id
05c1c6973d000005bf0b9e5200000001
accept-ranges
bytes
cf-ray
5e16406b9fc405bf-FRA
cf-bgj
minify
css
fonts.googleapis.com/ 		12 KB
987 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700
Requested by
Host: paypal-confirm-account-information.com.preview.services
URL: http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8be5c6301da1b9998a2eda72be2f3fa24ae903241e176be45031da127cb7f4ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Oct 2020 04:17:33 GMT
server
ESF
date
Tue, 13 Oct 2020 04:17:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Oct 2020 04:17:33 GMT
jquery-3.1.1.min.js
www.freehosting.com/js/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.freehosting.com/js/jquery-3.1.1.min.js
Requested by
Host: paypal-confirm-account-information.com.preview.services
URL: http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c8f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 04:17:34 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4680869
status
200
cf-request-id
05c1c6973d000005bf0b9e7200000001
last-modified
Fri, 16 Feb 2018 07:55:48 GMT
server
cloudflare
etag
W/"152b5-5654fac1da900-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602562654"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
cf-ray
5e16406b9fc605bf-FRA
expires
Fri, 20 Aug 2021 00:03:05 GMT
parallax.js
www.freehosting.com/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.freehosting.com/js/parallax.js
Requested by
Host: paypal-confirm-account-information.com.preview.services
URL: http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c8f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d8901aa714a1f0f38642694c3a4cefdd299d4e952c94e299ddcc132c79e41be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 04:17:34 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4680869
status
200
cf-request-id
05c1c6973d000005bf0b9e9200000001
expires
Fri, 20 Aug 2021 00:03:05 GMT
last-modified
Fri, 16 Feb 2018 07:55:48 GMT
server
cloudflare
etag
W/"130a-5654fac1da900-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602562654"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
cf-ray
5e16406b9fc905bf-FRA
cf-bgj
minify
easypiechart.min.js
www.freehosting.com/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.freehosting.com/js/easypiechart.min.js
Requested by
Host: paypal-confirm-account-information.com.preview.services
URL: http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c8f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f73f452b5961dbe04bffdc40586dc8c689e172c2dcbfa90353d92acb7a08c444
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 04:17:34 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1020669
status
200
cf-request-id
05c1c6973d000005bf0b9e6200000001
last-modified
Fri, 16 Feb 2018 07:55:48 GMT
server
cloudflare
etag
W/"f96-5654fac1da900-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602562654"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
cf-ray
5e16406b9fc505bf-FRA
expires
Fri, 01 Oct 2021 08:46:25 GMT
smooth-scroll.min.js
www.freehosting.com/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.freehosting.com/js/smooth-scroll.min.js
Requested by
Host: paypal-confirm-account-information.com.preview.services
URL: http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c8f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8daef829c397c41e42a1f9faffc25aa4834334e5305805419933a1b44b6c1e30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 04:17:34 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2934532
status
200
cf-request-id
05c1c6973d000005bf0b9ea200000001
last-modified
Fri, 16 Feb 2018 07:55:48 GMT
server
cloudflare
etag
W/"1776-5654fac1da900-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602562654"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
cf-ray
5e16406b9fca05bf-FRA
expires
Thu, 09 Sep 2021 05:08:42 GMT
scripts.js
www.freehosting.com/js/ 		65 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.freehosting.com/js/scripts.js
Requested by
Host: paypal-confirm-account-information.com.preview.services
URL: http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c8f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf9d93f623f820aacebb7425ccef8ab9826df3b2e80cd9cf99e17c42fcef0e8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 04:17:34 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2934532
cf-polished
origSize=113191
status
200
cf-request-id
05c1c6973d000005bf0b9e8200000001
expires
Thu, 09 Sep 2021 05:08:42 GMT
last-modified
Fri, 16 Feb 2018 07:55:48 GMT
server
cloudflare
etag
W/"1ba27-5654fac1da900-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602562654"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
cf-ray
5e16406b9fc705bf-FRA
cf-bgj
minify
iconsmind.woff
www.freehosting.com/fonts/ 		1 MB
1 MB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.freehosting.com/fonts/iconsmind.woff
Requested by
Host: www.freehosting.com
URL: https://www.freehosting.com/css/iconsmind.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c8f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55167ff2dba40b2eb3734d4653b6a3b25a33094cfce64ffb09a23205f33777f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Origin
http://paypal-confirm-account-information.com.preview.services
Referer
https://www.freehosting.com/css/iconsmind.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 04:17:34 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
strict-transport-security
max-age=31536000
content-length
1177484
cf-request-id
05c1c6977d0000dfef498dd200000001
last-modified
Fri, 16 Feb 2018 07:55:48 GMT
server
cloudflare
etag
"11f78c-5654fac1da900"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602562654"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
5e16406bfcd7dfef-FRA
expires
Tue, 20 Oct 2020 04:17:34 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://paypal-confirm-account-information.com.preview.services
Referer
https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 09:05:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:16 GMT
server
sffe
age
69130
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9016
x-xss-protection
0
expires
Tue, 12 Oct 2021 09:05:24 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://paypal-confirm-account-information.com.preview.services
Referer
https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 09:05:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
69131
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Tue, 12 Oct 2021 09:05:23 GMT
Primary Request clientarea.php
www.freehosting.com/client/
Redirect Chain
  • https://www.freehosting.com/client/logout.php
  • https://www.freehosting.com/client/index.php
  • https://www.freehosting.com/client/clientarea.php
10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.freehosting.com/client/clientarea.php
Requested by
Host: paypal-confirm-account-information.com.preview.services
URL: http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c8f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a95b037598abab961da05d916e756e3d093fe3e8dd38343aab0a8478b6e4174
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.freehosting.com
:scheme
https
:path
/client/clientarea.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d7c816743a1bde65246c4a5208c80e7711602562684; WHMCSEtKrSd5FHLXJ=tjlrt3imr64dbt0qbcgb66u53k
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://paypal-confirm-account-information.com.preview.services/Paypal90/get_started/billing.php

Response headers

status
200
date
Tue, 13 Oct 2020 04:18:04 GMT
content-type
text/html; charset=utf-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
05c1c70dbc000005bf0b85e200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602562685"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5e1641292dce05bf-FRA
content-encoding
br

Redirect headers

status
302
date
Tue, 13 Oct 2020 04:18:04 GMT
content-type
text/html; charset=utf-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
location
clientarea.php
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
05c1c70d42000005bf0b85a200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602562684"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5e1641286c1005bf-FRA
css
fonts.googleapis.com/ 		10 KB
954 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Raleway:400,700
Requested by
Host: www.freehosting.com
URL: https://www.freehosting.com/client/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50f092948f063a6cc3f72a9b4d6e8317bcbab06626d9a4178131b0542241c39c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.freehosting.com/client/clientarea.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Oct 2020 04:18:04 GMT
server
ESF
date
Tue, 13 Oct 2020 04:18:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Oct 2020 04:18:04 GMT
all.min.css
www.freehosting.com/client/templates/six/css/ 		204 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.freehosting.com/client/templates/six/css/all.min.css?v=e404f2
Requested by
Host: www.freehosting.com
URL: https://www.freehosting.com/client/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c8f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f14fdcd160c47660b3893eba48b0c473189d8a62ea5aa15d10410dd147ef201d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.freehosting.com/client/clientarea.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 04:18:04 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
10004969
status
200
cf-request-id
05c1c70e6e000005bf0b866200000001
last-modified
Mon, 11 Feb 2019 07:59:20 GMT
server
cloudflare
etag
W/"3310c-58199af9f8600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602562685"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
cf-ray
5e16412a481a05bf-FRA
expires
Sat, 19 Jun 2021 09:08:35 GMT
fontawesome-all.min.css
www.freehosting.com/client/assets/css/ 		59 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.freehosting.com/client/assets/css/fontawesome-all.min.css
Requested by
Host: www.freehosting.com
URL: https://www.freehosting.com/client/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c8f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d55e3385a8c2063d4b0f3a88c1acd01173f86009702067790613a08e55d7597f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.freehosting.com/client/clientarea.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 04:18:04 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1024687
status
200
cf-request-id
05c1c70e6e000005bf0b867200000001
last-modified
Mon, 11 Feb 2019 07:59:20 GMT
server
cloudflare
etag
W/"ecca-58199af9f8600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602562685"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
cf-ray
5e16412a481c05bf-FRA
expires
Fri, 01 Oct 2021 07:39:57 GMT
custom.css
www.freehosting.com/client/templates/six/css/ 		0
170 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.freehosting.com/client/templates/six/css/custom.css
Requested by
Host: www.freehosting.com
URL: https://www.freehosting.com/client/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c8f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.freehosting.com/client/clientarea.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 04:18:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3430934
cf-polished
origSize=214
status
200
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
1; mode=block
last-modified
Mon, 11 Feb 2019 07:59:20 GMT
server
cloudflare
etag
"d6-58199af9f8600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602562685"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Fri, 03 Sep 2021 11:15:50 GMT
cache-control
max-age=31536000
cf-request-id
05c1c70e6e000005bf0b868200000001
accept-ranges
bytes
cf-ray
5e16412a481d05bf-FRA
cf-bgj
minify
scripts.js
www.freehosting.com/client/templates/six/js/ 		713 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.freehosting.com/client/templates/six/js/scripts.js?v=e404f2
Requested by
Host: www.freehosting.com
URL: https://www.freehosting.com/client/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c8f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d0ca1b20bffc80f35a215319dd610a6567e1b71d51cd057ce8543f7ec62d99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.freehosting.com/client/clientarea.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 04:18:04 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1020691
cf-polished
origSize=1370387
status
200
cf-request-id
05c1c70e6e000005bf0b869200000001
expires
Fri, 01 Oct 2021 08:46:33 GMT
last-modified
Mon, 11 Feb 2019 07:59:20 GMT
server
cloudflare
etag
W/"14e913-58199af9f8600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602562685"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
cf-ray
5e16412a481e05bf-FRA
cf-bgj
minify
logo.png
www.freehosting.com/client/assets/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.freehosting.com/client/assets/img/logo.png
Requested by
Host: www.freehosting.com
URL: https://www.freehosting.com/client/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c8f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f0cdf40db89cfbb626230e1632ac32c74892b09903f6ecd5db65dc6f2bbc308
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.freehosting.com/client/clientarea.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 04:18:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
460122
status
200
strict-transport-security
max-age=31536000
content-length
8701
cf-request-id
05c1c70e81000005bf0b86c200000001
last-modified
Fri, 27 Jul 2018 09:52:33 GMT
server
cloudflare
etag
"21fd-571f8121b5c03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602562685"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5e16412a684205bf-FRA
expires
Fri, 06 Nov 2020 20:29:22 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.freehosting.com
URL: https://www.freehosting.com/client/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.freehosting.com/client/clientarea.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
6842
date
Tue, 13 Oct 2020 02:24:02 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 13 Oct 2020 04:24:02 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Raleway:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.freehosting.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Raleway:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 09:05:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
69161
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Tue, 12 Oct 2021 09:05:23 GMT
fa-solid-900.woff2
www.freehosting.com/client/assets/webfonts/ 		81 KB
81 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.freehosting.com/client/assets/webfonts/fa-solid-900.woff2
Requested by
Host: www.freehosting.com
URL: https://www.freehosting.com/client/assets/css/fontawesome-all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c8f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a007d9ddd44ab3e1dd643c487884c254d24fb30beeea1260eabe70153d018523
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.freehosting.com
Referer
https://www.freehosting.com/client/assets/css/fontawesome-all.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 04:18:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
407881
status
200
strict-transport-security
max-age=31536000
content-length
83144
cf-request-id
05c1c70ec4000005bf0b86f200000001
last-modified
Mon, 11 Feb 2019 07:59:20 GMT
server
cloudflare
etag
"144c8-58199af9f8600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602562685"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
5e16412ad8b705bf-FRA
expires
Thu, 15 Oct 2020 11:00:03 GMT
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v18/ 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v18/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Raleway:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.freehosting.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Raleway:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 09:05:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Sep 2020 20:45:21 GMT
server
sffe
age
69155
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42444
x-xss-protection
0
expires
Tue, 12 Oct 2021 09:05:29 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Raleway:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.freehosting.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Raleway:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 09:05:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:49 GMT
server
sffe
age
69161
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
expires
Tue, 12 Oct 2021 09:05:23 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=840936255&utmhn=www.freehosting.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=C...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12514117-10&cid=444803375.1602562685&jid=1716019836&_v=5.7.2&z=840936255
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12514117-10&cid=444803375.1602562685&jid=1716019836&_v=5.7.2&z=840936255
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12514117-10&cid=444803375.1602562685&jid=1716019836&_v=5.7.2&z=840936255&slf_rd=1&random=1942896683
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12514117-10&cid=444803375.1602562685&jid=1716019836&_v=5.7.2&z=840936255&slf_rd=1&random=1942896683
Requested by
Host: www.freehosting.com
URL: https://www.freehosting.com/client/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.freehosting.com/client/clientarea.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Oct 2020 04:18:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Oct 2020 04:18:04 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12514117-10&cid=444803375.1602562685&jid=1716019836&_v=5.7.2&z=840936255&slf_rd=1&random=1942896683
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
device.js
device.maxmind.com/js/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://device.maxmind.com/js/device.js
Requested by
Host: www.freehosting.com
URL: https://www.freehosting.com/client/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:262f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f61c3d8f833546e85ce68401f7dbd8d022e003907a11d1cfc1b53829c5c7d02

Request headers

Referer
https://www.freehosting.com/client/clientarea.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 04:18:04 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 12 Oct 2020 16:50:13 GMT
server
cloudflare
age
40940
etag
W/"5f848945-3c9a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
5e16412c4ea90eb3-FRA
cf-request-id
05c1c70fac00000eb33712a200000001
expires
Tue, 13 Oct 2020 16:18:04 GMT
ant_squire
d-ipv6.mmapiws.com/ 		95 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d-ipv6.mmapiws.com/ant_squire
Requested by
Host: device.maxmind.com
URL: https://device.maxmind.com/js/device.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c47193316e6e3d3262cec3c3dad3664311d51e03dda4479e8655ba2eee916dba

Request headers

Referer
https://www.freehosting.com/client/clientarea.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 13 Oct 2020 04:18:05 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cf-ray
5e16412e7cb32b71-FRA
cf-request-id
05c1c7110e00002b71b3aef200000001
ant_squire
d-ipv4.mmapiws.com/ 		93 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d-ipv4.mmapiws.com/ant_squire
Requested by
Host: device.maxmind.com
URL: https://device.maxmind.com/js/device.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.146.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3c691d79063eabe99eb9fca5b084462de4f9302726073d449f6fcdf24505ed9

Request headers

Referer
https://www.freehosting.com/client/clientarea.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 13 Oct 2020 04:18:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cf-ray
5e164131eb641ffc-AMS
cf-request-id
05c1c7133000001ffcc10ce200000001

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery object| mr_parallax object| smoothScroll object| mr function| mrFormsCaptchaInit number| second number| timerFunc function| redirect

7 Cookies

Domain/Path Name / Value
.www.freehosting.com/ Name: __utmb
Value: 71999765.1.10.1602562685
.www.freehosting.com/ Name: __utmt
Value: 1
.www.freehosting.com/ Name: __utmz
Value: 71999765.1602562685.1.1.utmcsr=paypal-confirm-account-information.com.preview.services|utmccn=(referral)|utmcmd=referral|utmcct=/Paypal90/get_started/billing.php
.www.freehosting.com/ Name: __utma
Value: 71999765.444803375.1602562685.1602562685.1602562685.1
.www.freehosting.com/ Name: __utmc
Value: 71999765
www.freehosting.com/ Name: WHMCSEtKrSd5FHLXJ
Value: tjlrt3imr64dbt0qbcgb66u53k
.freehosting.com/ Name: __cfduid
Value: d7c816743a1bde65246c4a5208c80e7711602562684

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d-ipv4.mmapiws.com
d-ipv6.mmapiws.com
device.maxmind.com
fonts.googleapis.com
fonts.gstatic.com
paypal-confirm-account-information.com.preview.services
ssl.google-analytics.com
stats.g.doubleclick.net
www.freehosting.com
www.google.com
www.google.de
104.19.146.54
195.201.179.80
2606:4700:3032::ac43:c8f7
2606:4700::6810:262f
2606:4700::6812:1a12
2a00:1450:4001:802::2003
2a00:1450:4001:806::2008
2a00:1450:4001:816::2003
2a00:1450:4001:81b::200a
2a00:1450:4001:81c::2004
2a00:1450:400c:c00::9a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1f0cdf40db89cfbb626230e1632ac32c74892b09903f6ecd5db65dc6f2bbc308
38391d0c01d7fee8c61a80c9b507ef05d0cb76876a42feebded8b06905015d13
3f61c3d8f833546e85ce68401f7dbd8d022e003907a11d1cfc1b53829c5c7d02
50f092948f063a6cc3f72a9b4d6e8317bcbab06626d9a4178131b0542241c39c
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
55167ff2dba40b2eb3734d4653b6a3b25a33094cfce64ffb09a23205f33777f7
580645620fd71893e8d59820a85e3c69bad36cc10db7a29e1967c7f745071f27
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
65d0ca1b20bffc80f35a215319dd610a6567e1b71d51cd057ce8543f7ec62d99
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8a95b037598abab961da05d916e756e3d093fe3e8dd38343aab0a8478b6e4174
8be5c6301da1b9998a2eda72be2f3fa24ae903241e176be45031da127cb7f4ac
8d8901aa714a1f0f38642694c3a4cefdd299d4e952c94e299ddcc132c79e41be
8daef829c397c41e42a1f9faffc25aa4834334e5305805419933a1b44b6c1e30
8ea95775ae841839f16037b1068f6da01f83363ce0590e42398eee29b39f62b3
a007d9ddd44ab3e1dd643c487884c254d24fb30beeea1260eabe70153d018523
a794b06d853fa232b1db1713f3a141d725a54386595f80e4e80a654a3e77cf7b
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
c3c691d79063eabe99eb9fca5b084462de4f9302726073d449f6fcdf24505ed9
c47193316e6e3d3262cec3c3dad3664311d51e03dda4479e8655ba2eee916dba
cf9d93f623f820aacebb7425ccef8ab9826df3b2e80cd9cf99e17c42fcef0e8a
d55e3385a8c2063d4b0f3a88c1acd01173f86009702067790613a08e55d7597f
dc3e1c7f25f8898edf9bba53c1cf0730271371e373bdd4dad4535cecedf85ba3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14fdcd160c47660b3893eba48b0c473189d8a62ea5aa15d10410dd147ef201d
f73f452b5961dbe04bffdc40586dc8c689e172c2dcbfa90353d92acb7a08c444