URL: https://freetime.click/
Submission: On November 03 via manual from TN — Scanned from FR

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 53 HTTP transactions. The main IP is 193.70.39.206, located in France and belongs to OVH, FR. The main domain is freetime.click.
TLS certificate: Issued by R3 on October 14th 2023. Valid for: 3 months.
This is the only time freetime.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
32 freetime.click
freetime.click
2 MB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
225 KB
5 gstatic.com
fonts.gstatic.com
61 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
5 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 cloudinary.com
res.cloudinary.com — Cisco Umbrella Rank: 2450
780 B
53 7
Domain Requested by
32 freetime.click freetime.click
6 pagead2.googlesyndication.com freetime.click
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 fonts.gstatic.com fonts.googleapis.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 fonts.googleapis.com freetime.click
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 res.cloudinary.com freetime.click
53 8

This site contains links to these domains. Also see Links.

Domain
play.google.com
www.facebook.com
Subject Issuer Validity Valid
freetime.click
R3
2023-10-14 -
2024-01-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2
2022-12-05 -
2023-12-30
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh

This page contains 5 frames:

Primary Page: https://freetime.click/
Frame ID: A48BA87928B96557E29203C122204BF7
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: F327E6B41E16116F346B656EB617FED1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2607324491497543&output=html&adk=1812271804&adf=3025194257&lmt=1699038025&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffreetime.click%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699038025431&bpp=6&bdt=234&idt=313&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4807129713916&frm=20&pv=2&ga_vid=1793498884.1699038026&ga_sid=1699038026&ga_hid=179959379&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079190%2C31079232%2C44785293%2C44804684%2C44807047%2C44807334%2C44807455%2C31078297%2C44807754&oid=2&pvsid=2434936549727824&tmod=962307623&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=351
Frame ID: 21F8924F59E8E89A020421380D0A098D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C4E3E20F3AAA4750C6E09740CB9C1F2A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DD8F9C8851D451C32C808582242DFED4
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

FreeTime

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

100 %
HTTPS

88 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

2007 kB
Transfer

2613 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
freetime.click/
11 KB
3 KB
Document
General
Full URL
https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
18c6623187882c58a279364cd291a5fe63b7c5768cdeaec7f7e07977fb57d38e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
gzip
content-length
3246
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 19:00:25 GMT
server
LiteSpeed
vary
Accept-Encoding
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
147 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2607324491497543
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a9ecaf4d31f9040181559ce93cb019e4b5b8436e414335f6ba25564fccb363a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://freetime.click/
Origin
https://freetime.click
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51882
x-xss-protection
0
server
cafe
etag
165463018358467760
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 19:00:25 GMT
css2
fonts.googleapis.com/
7 KB
991 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700;800&display=swap
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83ac7e6ff86bc619881d5afba113b6cc42c02d52987e8d4c6bc6d4fb07ab018a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Nov 2023 19:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 18:40:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Nov 2023 19:00:25 GMT
bootstrap.min.css
freetime.click/css/
157 KB
21 KB
Stylesheet
General
Full URL
https://freetime.click/css/bootstrap.min.css
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
9f3b0d48e1d4e84a3bfc7a70aa59118d24e66af18ffa5e023c7d49688a7af724

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
content-encoding
br
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"27293-650ae61e-17eb10;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
20916
expires
Fri, 10 Nov 2023 19:00:25 GMT
style.css
freetime.click/css/
44 KB
11 KB
Stylesheet
General
Full URL
https://freetime.click/css/style.css
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
a9f063f888ca5c289fe648db8f2b9d2014fbd13d56aaef0d976a886b2c19c844

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
content-encoding
br
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"ae76-650ae61e-17eb11;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
11489
expires
Fri, 10 Nov 2023 19:00:25 GMT
jquery.min.js
freetime.click/ajax.googleapis.com/ajax/libs/jquery/1.7.1/
0
0
Script
General
Full URL
https://freetime.click/ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 19:00:25 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html
cache-control
private, no-cache, max-age=0
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
time.png
freetime.click/img/
41 KB
41 KB
Image
General
Full URL
https://freetime.click/img/time.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
b860963f770d9f89b000c287003b46ef27866dc5a2e0ad1a86de676466891dc7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"a416-650ae61e-17eb33;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
42006
expires
Fri, 10 Nov 2023 19:00:25 GMT
appstore.png
freetime.click/img/
3 KB
3 KB
Image
General
Full URL
https://freetime.click/img/appstore.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
568b3da6cb2e75916a89b617fb172effabb2f42ad3c908a8e40656e24bcfa78e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"ce3-650ae61e-17eb13;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
3299
expires
Fri, 10 Nov 2023 19:00:25 GMT
google_play.png
freetime.click/img/
4 KB
4 KB
Image
General
Full URL
https://freetime.click/img/google_play.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
aff3cc08d0af1d6bb1312efd2aa636f3d9eccde087e181ff4b1c73024bde010a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"10cc-650ae61e-17eb28;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4300
expires
Fri, 10 Nov 2023 19:00:25 GMT
click_tracking.js
freetime.click/
888 B
468 B
Script
General
Full URL
https://freetime.click/click_tracking.js
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
10345f0f5df2344de16a36e855396df55bfc4a4b03c32f8072c570a26ca9b72b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
content-encoding
br
last-modified
Wed, 20 Sep 2023 13:38:06 GMT
server
LiteSpeed
etag
"378-650af5be-14c867;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
359
expires
Fri, 10 Nov 2023 19:00:25 GMT
banner-img.png
freetime.click/img/
421 KB
421 KB
Image
General
Full URL
https://freetime.click/img/banner-img.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
ecad93aeaf58be3206b23dbca72bd881a7b2534589650193c55bd992028f4432

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"6940b-650ae61e-17eb1a;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
431115
expires
Fri, 10 Nov 2023 19:00:25 GMT
our-mission.png
freetime.click/img/
109 KB
109 KB
Image
General
Full URL
https://freetime.click/img/our-mission.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
44e967664d6a1725abaf2ba24e11eafb37903c93db8997d4df2927b86eed541b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"1b4e1-650ae61e-17eb2e;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
111841
expires
Fri, 10 Nov 2023 19:00:25 GMT
surge-free.png
freetime.click/img/
4 KB
4 KB
Image
General
Full URL
https://freetime.click/img/surge-free.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
ac5c5d049816bc730347ee583cb4794f2bd550128c76b67dbeca10499f2e918b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"ea1-650ae61e-17eb31;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
3745
expires
Fri, 10 Nov 2023 19:00:25 GMT
book-now-latter.png
freetime.click/img/
3 KB
3 KB
Image
General
Full URL
https://freetime.click/img/book-now-latter.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
0e345f75d561b8d681ecb52b91ef484587a00aab66b9a256d8a8566eeb52ada2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"b15-650ae61e-17eb1d;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2837
expires
Fri, 10 Nov 2023 19:00:25 GMT
cashless.png
freetime.click/img/
5 KB
5 KB
Image
General
Full URL
https://freetime.click/img/cashless.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
abba194812943ec3a127cdc4e99aef96285a52ed2b6f9f9af633497b63116ebd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"1274-650ae61e-17eb1f;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4724
expires
Fri, 10 Nov 2023 19:00:25 GMT
how-it-icon.png
freetime.click/img/
3 KB
3 KB
Image
General
Full URL
https://freetime.click/img/how-it-icon.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
1042b6dbf00a36a31ef3bb9c1e20e5e2dcfbba3e595bb7f65ba0a31ca9164ebb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"ab9-650ae61e-17eb2a;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2745
expires
Fri, 10 Nov 2023 19:00:25 GMT
get_driver.png
freetime.click/img/
1 KB
1 KB
Image
General
Full URL
https://freetime.click/img/get_driver.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
05961c0e78e8906c35f9671fd73ae5fb5e6e053ec13c805e7820434418772723

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"4af-650ae61e-17eb27;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1199
expires
Fri, 10 Nov 2023 19:00:25 GMT
track_driver.png
freetime.click/img/
1 KB
1 KB
Image
General
Full URL
https://freetime.click/img/track_driver.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
4842d8c67d9d20344a783940236d352701f154ae9a9c22dfbe5fb1bccd13c160

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"583-650ae61e-17eb34;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1411
expires
Fri, 10 Nov 2023 19:00:25 GMT
arrive_safely.png
freetime.click/img/
1 KB
2 KB
Image
General
Full URL
https://freetime.click/img/arrive_safely.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
b1b70b4fb6701b66cb36027814d15dee18320399a36abd97b108aaaa815f055b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"5ef-650ae61e-17eb15;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1519
expires
Fri, 10 Nov 2023 19:00:25 GMT
clean_car.png
freetime.click/img/
765 B
829 B
Image
General
Full URL
https://freetime.click/img/clean_car.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
b6d1d79825448c3a78d40af364baa0e12ff5ece5656e03cea239c521dbf721c9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"2fd-650ae61e-17eb20;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
765
expires
Fri, 10 Nov 2023 19:00:25 GMT
transp_billing.png
freetime.click/img/
431 B
495 B
Image
General
Full URL
https://freetime.click/img/transp_billing.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
2073d0ae061cc163f6870ab12d5362a49d182f39c79e123e13ad9f20d83a71d7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"1af-650ae61e-17eb35;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
431
expires
Fri, 10 Nov 2023 19:00:25 GMT
rerliable_service.png
freetime.click/img/
848 B
912 B
Image
General
Full URL
https://freetime.click/img/rerliable_service.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
8233718d28c0f1a7c0d52605b119687fbfbcbe33fb19e50701e2b74a105027ff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"350-650ae61e-17eb30;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
848
expires
Fri, 10 Nov 2023 19:00:25 GMT
courteous_drivers.png
freetime.click/img/
738 B
802 B
Image
General
Full URL
https://freetime.click/img/courteous_drivers.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
e1ae3df989d66d936df2fcfca115ff96965b5c2d3aefb9b1b7f52b32a553a072

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"2e2-650ae61e-17eb21;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
738
expires
Fri, 10 Nov 2023 19:00:25 GMT
get-mobile-rg.png
freetime.click/img/
647 KB
647 KB
Image
General
Full URL
https://freetime.click/img/get-mobile-rg.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
353b2018e6a7ef23570e6a38db7b88cb491ea311eb746b89766dc06fae3169c1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"a1b5b-650ae61e-17eb26;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
662363
expires
Fri, 10 Nov 2023 19:00:25 GMT
fb_footer.png
freetime.click/img/
568 B
632 B
Image
General
Full URL
https://freetime.click/img/fb_footer.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
6a9061232feef74a00bd68f8ad02535ed4348934f95fa7d490ee7cb30cbe6a85

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"238-650ae61e-17eb23;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
568
expires
Fri, 10 Nov 2023 19:00:25 GMT
g%2b_footer.png
freetime.click/img/
612 B
675 B
Image
General
Full URL
https://freetime.click/img/g%2b_footer.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
806a91666cdafb4dd3f7c2b32dc86143e7d0eda778ae72e8d187c8655df57868

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"264-650ae61e-17eb25;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
612
expires
Fri, 10 Nov 2023 19:00:25 GMT
appstore_footer.png
freetime.click/img/
3 KB
3 KB
Image
General
Full URL
https://freetime.click/img/appstore_footer.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
e26a161552c0354f885caa6d79d2af584917c7d4e74b03dbf2b1c9ab313b37d2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"ad0-650ae61e-17eb14;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2768
expires
Fri, 10 Nov 2023 19:00:25 GMT
google_play_footer.png
freetime.click/img/
4 KB
4 KB
Image
General
Full URL
https://freetime.click/img/google_play_footer.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
dce650f5b8ae94a259ea52c47d686c8fd429dfa3b5417ded3892b2c342f75915

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"e07-650ae61e-17eb29;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
3591
expires
Fri, 10 Nov 2023 19:00:25 GMT
call.png
freetime.click/img/
354 B
418 B
Image
General
Full URL
https://freetime.click/img/call.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
e249c99b1ba71f1fc4ae9f2dcc75ab81819444e4b0418ec695a66ebed7c1e14c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"162-650ae61e-17eb1e;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
354
expires
Fri, 10 Nov 2023 19:00:25 GMT
mail.png
freetime.click/img/
394 B
458 B
Image
General
Full URL
https://freetime.click/img/mail.png
Requested by
Host: freetime.click
URL: https://freetime.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
75a5c42ed10a29038980d530c50ee103744b84f2781793989ec8d28790c7ce2c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"18a-650ae61e-17eb2c;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
394
expires
Fri, 10 Nov 2023 19:00:25 GMT
css2
fonts.googleapis.com/
13 KB
796 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Mulish:wght@200;300;400;500;600;700;800;900&amp;display=swap
Requested by
Host: freetime.click
URL: https://freetime.click/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b0c4498b6639140d97adfc3e509f405c26f029e5d4e1188f2a89558669d86e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Nov 2023 19:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 17:08:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Nov 2023 19:00:25 GMT
css2
fonts.googleapis.com/
6 KB
643 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700;800&amp;display=swap
Requested by
Host: freetime.click
URL: https://freetime.click/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c494110e91f6351efc802e75a08abd4ccfdaaae74a6bd1f7cee2b648f8d553d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Nov 2023 19:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 19:00:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Nov 2023 19:00:25 GMT
banner-bg.png
freetime.click/img/
410 KB
411 KB
Image
General
Full URL
https://freetime.click/img/banner-bg.png
Requested by
Host: freetime.click
URL: https://freetime.click/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
3c83f17259b164a84b3062a203dddcc06e51067daadaaac86bf6398dcf2d7113

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"66971-650ae61e-17eb18;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
420209
expires
Fri, 10 Nov 2023 19:00:25 GMT
banner-top-bg.png
freetime.click/img/
5 KB
5 KB
Image
General
Full URL
https://freetime.click/img/banner-top-bg.png
Requested by
Host: freetime.click
URL: https://freetime.click/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
8c791d6bdbfd59afde13dec2a888002d7ef32c33a238467e47e2f9ddb38be739

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"133b-650ae61e-17eb1c;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4923
expires
Fri, 10 Nov 2023 19:00:25 GMT
arrow_1.png
freetime.click/img/
2 KB
2 KB
Image
General
Full URL
https://freetime.click/img/arrow_1.png
Requested by
Host: freetime.click
URL: https://freetime.click/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
7ca724417eaefdd845394567283ec7f3c34c775daf63a91987612c4ecbb2160c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"8e0-650ae61e-17eb16;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2272
expires
Fri, 10 Nov 2023 19:00:25 GMT
arrow_2.png
freetime.click/img/
2 KB
2 KB
Image
General
Full URL
https://freetime.click/img/arrow_2.png
Requested by
Host: freetime.click
URL: https://freetime.click/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
193.70.39.206 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ae56ed72.vps.ovh.net
Software
LiteSpeed /
Resource Hash
16039882482168bc4ac6af9cea52a7047aa32ee1abc08d9b10d10280ee3309d4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
last-modified
Wed, 20 Sep 2023 12:31:26 GMT
server
LiteSpeed
etag
"8d9-650ae61e-17eb17;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2265
expires
Fri, 10 Nov 2023 19:00:25 GMT
cd-top-arrow.svg
res.cloudinary.com/dxfq3iotg/image/upload/v1571057658/
562 B
780 B
Image
General
Full URL
https://res.cloudinary.com/dxfq3iotg/image/upload/v1571057658/cd-top-arrow.svg
Requested by
Host: freetime.click
URL: https://freetime.click/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:7100:885::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
3d1aa143071e7a7c055e6cc817b05f9f3732febf298008634da840bd3318f552
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=604800
content-disposition
attachment; filename="cd-top-arrow.svg"
server-timing
cld-akam;dur=190;cpu=30;start=2023-11-03T19:00:25.485Z;desc=hit,rtt;dur=26
content-length
335
last-modified
Mon, 14 Oct 2019 12:54:20 GMT
server
Cloudinary
etag
W/"e8ffcff1b2d29a2d6209835f6254dbde"
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freetime.click
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 19:33:17 GMT
x-content-type-options
nosniff
age
602828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 19:33:17 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freetime.click
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 17:18:52 GMT
x-content-type-options
nosniff
age
6093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 17:18:52 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freetime.click
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 00:14:41 GMT
x-content-type-options
nosniff
age
499544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Oct 2024 00:14:41 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freetime.click
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 05:30:43 GMT
x-content-type-options
nosniff
age
566982
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 05:30:43 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/
29 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:wght@200;300;400;500;600;700;800;900&amp;display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freetime.click
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 18:52:38 GMT
x-content-type-options
nosniff
age
86867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30096
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:18:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 18:52:38 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/
399 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2607324491497543&plah=freetime.click
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2607324491497543
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e94dcf0fddda753c99a375aefa005f52a9a479386c737f9265e47c7d0c1225a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138245
x-xss-protection
0
server
cafe
etag
3435652139870269964
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 19:00:25 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame F327
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2607324491497543
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://freetime.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
79600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 20:53:45 GMT
etag
16674218716276178799
expires
Thu, 16 Nov 2023 20:53:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 21F8
603 B
245 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2607324491497543&output=html&adk=1812271804&adf=3025194257&lmt=1699038025&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffreetime.click%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699038025431&bpp=6&bdt=234&idt=313&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4807129713916&frm=20&pv=2&ga_vid=1793498884.1699038026&ga_sid=1699038026&ga_hid=179959379&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079190%2C31079232%2C44785293%2C44804684%2C44807047%2C44807334%2C44807455%2C31078297%2C44807754&oid=2&pvsid=2434936549727824&tmod=962307623&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=351
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2607324491497543&plah=freetime.click
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://freetime.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 19:00:25 GMT
expires
Fri, 03 Nov 2023 19:00:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2607324491497543&plah=freetime.click
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80d12d271d6f9dc58e0de807eb1d31f1380a2ba2dd1cfad1359ce4aac41c55d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12344
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2607324491497543&plah=freetime.click
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 19:00:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C4E3
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://freetime.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
15137
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 14:48:09 GMT
expires
Sat, 02 Nov 2024 14:48:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DD8F
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d642da7e712cb3f55721de93b135feebf24ead489dd67b22df0c54a156a64d5f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HPDqwIFae_Xss1uBcfvfmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://freetime.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-HPDqwIFae_Xss1uBcfvfmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 19:00:26 GMT
expires
Fri, 03 Nov 2023 19:00:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame C4E3
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:48:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
15137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 14:48:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DD8F
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=2434936549727824&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame C4E3
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?D2H2uA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:00:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=2434936549727824&bg=!JiWlJWrNAAb4oU7C2KE7ADQBe5WfOBEl6ZJfIMkDqnUIQT3QqeOOQAKQa3oOeiIv1epJ_Nzp1DXCHNbhh5fcpfcdyILyAgAAAGNSAAAACWgBB5kC4a7xnaeeaIfOA2eYpQhHjRvUT1ynTs29Pcqmyh7qX_tlQBUOkI4Tr5p4ox8wIWOj8YsD1BYXpfU6yh92xeQt-z2Y6MLMyKMCtQ_pW-JSjfwcdHXJx3CiIg0pOn9zmtKTPMVw1N0j380AvzwJyA9KnKFx81XsOK3xN3HemX1grilQZCI2PYd3w-G6LFfbfpEZ46664zvwICGqEmXrY--PsmbfgK--DuvpbzSZzaOAvK56-RpE2VWMOB0zTB6kgCgRsc7-8prKxa-P8wOv_Hm17flJKIGY2bTiO1b34XTg-dv0BDVjCvisQwPQKhgrPV2kKrkUH2Zu9B3IboDfYu8_Z3Nt5nMXweYTkYTC4EI0MTeAgeHhAS3ce7uRjl0MZEbXqaykVocNdxm8ssgMBZCiZIZ7IcbO7PsUQpNXdDrifGrpoUMlmg-Zml5xDMvU_7Xdi-ikggs4nhJg5xdLrpkpmK7o6F6eZvLWNHI0Ft2eKQFATamdt4kFEuvIXZH1pxOaJVnQhZ0sw7ZEnG0-9EB1JorGM4LboWLJrf9YcMd_1aSAtlMbc3P1ebZzfzvNZF5AbZbC6CoiPej2XAqRmCYInWjL8TYJKazp8qrdxW-cNHS4qNwzRNLltSrmiBdugpgjIC9G5ulhHo0sB-SMFwcjhB8E1kvuAOpkiFDjjwybt_XwXesHdWYIT8FWRhpoSzst6mCS-AMsnytZll0vDeGLBVJe1vweS5jFK6o4IgoTvr0y9bPdk6N7xWxFAOwFRamR5CL8gV6LSSPysmP_vQwj15Ta7hVfnYrdpGG7T_cpbyy8Br93K3pBGmlNALyx1cJl3pQMGySkM6Bx2RvLau2sx9BAYjjDAZgGwqiWqyMIqN4IJraIt4_mf3ugjUyNPKdYiiRF07lNKoo7PCx1hlQJfRjvf10Mi4sLbLG7Fs7R73zVU9uT0vcow1wGKTVsjWR9tPTc8eZP-kr1ll7eV6CT4_xC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://freetime.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
network error URL: https://freetime.click/ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
freetime.click
googleads.g.doubleclick.net
pagead2.googlesyndication.com
res.cloudinary.com
tpc.googlesyndication.com
www.google.com
193.70.39.206
2a00:1450:4001:801::2001
2a00:1450:4001:806::2002
2a00:1450:4001:810::2003
2a00:1450:4001:829::2004
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a02:26f0:7100:885::523
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
05961c0e78e8906c35f9671fd73ae5fb5e6e053ec13c805e7820434418772723
0a9ecaf4d31f9040181559ce93cb019e4b5b8436e414335f6ba25564fccb363a
0e345f75d561b8d681ecb52b91ef484587a00aab66b9a256d8a8566eeb52ada2
10345f0f5df2344de16a36e855396df55bfc4a4b03c32f8072c570a26ca9b72b
1042b6dbf00a36a31ef3bb9c1e20e5e2dcfbba3e595bb7f65ba0a31ca9164ebb
16039882482168bc4ac6af9cea52a7047aa32ee1abc08d9b10d10280ee3309d4
18c6623187882c58a279364cd291a5fe63b7c5768cdeaec7f7e07977fb57d38e
2073d0ae061cc163f6870ab12d5362a49d182f39c79e123e13ad9f20d83a71d7
353b2018e6a7ef23570e6a38db7b88cb491ea311eb746b89766dc06fae3169c1
3c83f17259b164a84b3062a203dddcc06e51067daadaaac86bf6398dcf2d7113
3d1aa143071e7a7c055e6cc817b05f9f3732febf298008634da840bd3318f552
44e967664d6a1725abaf2ba24e11eafb37903c93db8997d4df2927b86eed541b
4842d8c67d9d20344a783940236d352701f154ae9a9c22dfbe5fb1bccd13c160
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568b3da6cb2e75916a89b617fb172effabb2f42ad3c908a8e40656e24bcfa78e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6a9061232feef74a00bd68f8ad02535ed4348934f95fa7d490ee7cb30cbe6a85
75a5c42ed10a29038980d530c50ee103744b84f2781793989ec8d28790c7ce2c
7ca724417eaefdd845394567283ec7f3c34c775daf63a91987612c4ecbb2160c
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
806a91666cdafb4dd3f7c2b32dc86143e7d0eda778ae72e8d187c8655df57868
80d12d271d6f9dc58e0de807eb1d31f1380a2ba2dd1cfad1359ce4aac41c55d2
8233718d28c0f1a7c0d52605b119687fbfbcbe33fb19e50701e2b74a105027ff
83ac7e6ff86bc619881d5afba113b6cc42c02d52987e8d4c6bc6d4fb07ab018a
8c791d6bdbfd59afde13dec2a888002d7ef32c33a238467e47e2f9ddb38be739
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9f3b0d48e1d4e84a3bfc7a70aa59118d24e66af18ffa5e023c7d49688a7af724
a9f063f888ca5c289fe648db8f2b9d2014fbd13d56aaef0d976a886b2c19c844
abba194812943ec3a127cdc4e99aef96285a52ed2b6f9f9af633497b63116ebd
ac5c5d049816bc730347ee583cb4794f2bd550128c76b67dbeca10499f2e918b
aff3cc08d0af1d6bb1312efd2aa636f3d9eccde087e181ff4b1c73024bde010a
b0c4498b6639140d97adfc3e509f405c26f029e5d4e1188f2a89558669d86e16
b1b70b4fb6701b66cb36027814d15dee18320399a36abd97b108aaaa815f055b
b6d1d79825448c3a78d40af364baa0e12ff5ece5656e03cea239c521dbf721c9
b860963f770d9f89b000c287003b46ef27866dc5a2e0ad1a86de676466891dc7
c494110e91f6351efc802e75a08abd4ccfdaaae74a6bd1f7cee2b648f8d553d6
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d642da7e712cb3f55721de93b135feebf24ead489dd67b22df0c54a156a64d5f
dce650f5b8ae94a259ea52c47d686c8fd429dfa3b5417ded3892b2c342f75915
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e1ae3df989d66d936df2fcfca115ff96965b5c2d3aefb9b1b7f52b32a553a072
e249c99b1ba71f1fc4ae9f2dcc75ab81819444e4b0418ec695a66ebed7c1e14c
e26a161552c0354f885caa6d79d2af584917c7d4e74b03dbf2b1c9ab313b37d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94dcf0fddda753c99a375aefa005f52a9a479386c737f9265e47c7d0c1225a7
ecad93aeaf58be3206b23dbca72bd881a7b2534589650193c55bd992028f4432
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149