URL: https://freeutka.xyz/
Submission: On November 10 via api from US — Scanned from CA

Summary

This website contacted 9 IPs in 1 countries across 7 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3031::ac43:c1ea, located in United States and belongs to CLOUDFLARENET, US. The main domain is freeutka.xyz.
TLS certificate: Issued by WE1 on November 3rd 2024. Valid for: 3 months.
This is the only time freeutka.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
5 freeutka.xyz
freeutka.xyz
2 MB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 233245
ep2.adtrafficquality.google — Cisco Umbrella Rank: 204383
19 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
119 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
197 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 workers.dev
api.desingfreeutka.workers.dev
634 B
17 7
Domain Requested by
5 freeutka.xyz freeutka.xyz
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 cdnjs.cloudflare.com freeutka.xyz
cdnjs.cloudflare.com
2 pagead2.googlesyndication.com freeutka.xyz
pagead2.googlesyndication.com
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 api.desingfreeutka.workers.dev freeutka.xyz
17 8
Subject Issuer Validity Valid
freeutka.xyz
WE1
2024-11-03 -
2025-02-01
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-09-28 -
2024-12-27
3 months crt.sh
desingfreeutka.workers.dev
WE1
2024-10-24 -
2025-01-22
3 months crt.sh
adtrafficquality.google
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh

This page contains 5 frames:

Primary Page: https://freeutka.xyz/
Frame ID: 74554889ED38B7BE7B40519D31EB3873
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241106/r20190131/zrt_lookup_fy2021.html
Frame ID: 460B68ACB06F823A26EAF9F16EBDC823
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6821702018706373&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1731156260&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Ffreeutka.xyz%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731233622707&bpp=4&bdt=346&idt=338&shv=r20241106&mjsv=m202410300101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7796765206071&frm=20&pv=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31088716%2C31088724%2C95331833%2C95343682%2C95344189%2C95346759%2C31088653%2C95345966&oid=2&pvsid=3189377590233605&tmod=1067430421&uas=0&nvt=1&fsapi=1&fc=1920&brdim=900%2C900%2C900%2C900%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=366
Frame ID: D3FAFE06A3421CC08135632C435510E3
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 26A352EC31D6CC4A84E98D1D5879E2C0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C2D3EB7F51699DD9603F4CB45C3A8656
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

CloudQuack

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

17
Requests

94 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

9
IPs

1
Countries

2387 kB
Transfer

2956 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
freeutka.xyz/
9 KB
4 KB
Document
General
Full URL
https://freeutka.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c1ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52488e4e9af5bd68d76b9c43cd57e8b931813a26fcc94ac8bb4aa82307a91dd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
0
alt-svc
h3=":443"; ma=86400
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
8e05457b5c4f18ea-EWR
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Sun, 10 Nov 2024 10:13:42 GMT
expires
Sun, 10 Nov 2024 10:23:42 GMT
last-modified
Sat, 09 Nov 2024 12:44:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FULr0JRdTjOTFJGqAaplJ%2F6%2FiWbx3oEK%2BvduhxltmUfDQ67VwJM3C7vSIAfh4tP7Z1Y0NqTL264Zwx%2FPrDV8XZuA4%2FaFxrbsh%2F0taOTFT6arQruUd0xueENpfzI%2B2Rfb2H11Mfn8wcl6RGM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=39854&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4165&recv_bytes=4289&delivery_rate=77921&cwnd=12000&unsent_bytes=0&cid=00b9f4009b603e27&ts=83&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-request-id
cccd2d2a72bda3917716cc099b6b4afea725344b
x-github-request-id
20F2:4F1F7:139607D:1640E54:67308756
x-proxy-cache
MISS
x-served-by
cache-lga21990-LGA
x-timer
S1731233622.310535,VS0,VE22
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
158 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6821702018706373
Requested by
Host: freeutka.xyz
URL: https://freeutka.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
016d8129a8d3c1138b90b784bc45e407c78b7ce023a2aded678b6d8ea712fe1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://freeutka.xyz
Referer
https://freeutka.xyz/

Response headers

content-encoding
br
etag
15034816986050463482
x-content-type-options
nosniff
expires
Sun, 10 Nov 2024 10:13:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 10 Nov 2024 10:13:42 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53891
x-xss-protection
0
server
cafe
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/
82 KB
15 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Requested by
Host: freeutka.xyz
URL: https://freeutka.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://freeutka.xyz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"619c057b-3a02"
age
397704
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xevd3YdkSLtleVox2oJyuW0AAu4OAgWnlITlCMgvdqUaHaCOBwn540Id4fCk%2BLQUjKVlib7oYheCUxCOAaMxGSspG7g3%2BAmvvA4oP%2Bh0uIxvY5rbl5%2B0ngsNOojQZZ7cePOrQRw5NVQdLHJOc2UdodeQ"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 31 Oct 2025 10:13:42 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 10 Nov 2024 10:13:42 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e05457cdf3f7cfa-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
14850
server
cloudflare
1.jpg
freeutka.xyz/
53 KB
54 KB
Image
General
Full URL
https://freeutka.xyz/1.jpg
Requested by
Host: freeutka.xyz
URL: https://freeutka.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c1ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b77ce0609dea11923851e2bb407865348257e7b0400755cc06cd0c04fc13c5f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://freeutka.xyz/

Response headers

x-fastly-request-id
7733b228ae23099c983a1eb978c7fe1a5b63f740
cf-cache-status
MISS
etag
"672f5924-d4ae"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IXip0OpI%2B2nCFJUs%2B1VLTJsTHm07OfWf00mnGbYVMJRgOOqfwm5jjwFDRAcdhukyh9H8rHM3A8aUeVH8moMhhzyFVFKTawOpkdqVKeYLLyDGAzYFk0d4BJk%2BpNfIo5IcKYUaEwWzRZk9FLQ%3D"}],"group":"cf-nel","max_age":604800}
x-github-request-id
4923:2DA996:13DBD9A:168357A:67308755
expires
Sun, 10 Nov 2024 10:23:42 GMT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-cache
MISS
server-timing
cfL4;desc="?proto=QUIC&rtt=41369&sent=20&recv=15&lost=0&retrans=0&sent_bytes=8124&recv_bytes=5518&delivery_rate=100150&cwnd=12000&unsent_bytes=0&cid=00b9f4009b603e27&ts=175&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 10 Nov 2024 10:13:42 GMT
content-type
image/jpeg
last-modified
Sat, 09 Nov 2024 12:44:20 GMT
x-served-by
cache-lga21934-LGA
x-cache-hits
0
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1731233622.407321,VS0,VE16
via
1.1 varnish
cf-ray
8e05457bfc7d18ea-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
54446
server
cloudflare
2.jpg
freeutka.xyz/
2 MB
2 MB
Image
General
Full URL
https://freeutka.xyz/2.jpg
Requested by
Host: freeutka.xyz
URL: https://freeutka.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c1ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e3a7e370a264db3a0671b409d68559bd7b77b41ef97002063fb3b4c01b579d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://freeutka.xyz/

Response headers

x-fastly-request-id
257f2bbafd4b08e4b1a08535d314ab4849490779
cf-cache-status
MISS
etag
"672f5924-1db739"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y9NNwgDFpBWRbnjBc7pZmlprOF1bz0notfgthw%2BkkNwbDZux6jrdeFUNALA2nWDBFMozZEsZphxSMe2vuWXZlcNAhAhOWWQgok%2Bv6NoetG6a3hTgK5ui8cWqVVsJROQhIVHbFGUWFpJLuos%3D"}],"group":"cf-nel","max_age":604800}
x-github-request-id
3986:3AD24F:1427B1C:16CFD56:67308755
expires
Sun, 10 Nov 2024 10:23:42 GMT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-cache
MISS
server-timing
cfL4;desc="?proto=QUIC&rtt=41369&sent=30&recv=15&lost=0&retrans=0&sent_bytes=20124&recv_bytes=5518&delivery_rate=100150&cwnd=12000&unsent_bytes=0&cid=00b9f4009b603e27&ts=208&x=1", cfExtPri, cfHdrFlush;dur=8
date
Sun, 10 Nov 2024 10:13:42 GMT
content-type
image/jpeg
x-served-by
cache-lga21937-LGA
x-cache-hits
0
last-modified
Sat, 09 Nov 2024 12:44:20 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1731233622.406224,VS0,VE50
via
1.1 varnish
cf-ray
8e05457bfc7e18ea-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
1947449
x-origin-cache
HIT
server
cloudflare
3.jpg
freeutka.xyz/
77 KB
78 KB
Image
General
Full URL
https://freeutka.xyz/3.jpg
Requested by
Host: freeutka.xyz
URL: https://freeutka.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c1ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08d72796de56c66ee59c7c1ca47b9c48c51cbecc38fb49b0424a1f6ca3580550

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://freeutka.xyz/

Response headers

x-fastly-request-id
0b27b9bd7f1e57c8390c00b68e6c13d004aae32f
cf-cache-status
MISS
etag
"672f5924-13361"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BpT65EarqzW0vlcccyqkOAkqSx%2FK9ksBu86tTerY%2B4uddw0nCzRYaIgD0GbhlTkykAUZIL80mfIaL3EsfYCHwxL6paufNMPZJMYsZKgOwEyXvjnxIJVQjdLehtExf6sw%2B79SFOOhuvmHlJ0%3D"}],"group":"cf-nel","max_age":604800}
x-github-request-id
BE7A:410F5:141AC97:16C5314:67308756
expires
Sun, 10 Nov 2024 10:23:42 GMT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-cache
MISS
server-timing
cfL4;desc="?proto=QUIC&rtt=41772&sent=55&recv=20&lost=0&retrans=0&sent_bytes=44124&recv_bytes=5733&delivery_rate=159519&cwnd=24000&unsent_bytes=0&cid=00b9f4009b603e27&ts=238&x=1", cfExtPri, cfHdrFlush;dur=21
date
Sun, 10 Nov 2024 10:13:42 GMT
content-type
image/jpeg
last-modified
Sat, 09 Nov 2024 12:44:20 GMT
x-served-by
cache-lga21963-LGA
x-cache-hits
0
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1731233622.429950,VS0,VE55
via
1.1 varnish
cf-ray
8e05457c1c9118ea-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
78689
server
cloudflare
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/
103 KB
103 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33a252d6393cbd6debe0ac517229c7aa258a0ee68fc0253f8be6a7cee8b65ee9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://freeutka.xyz
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"619c057b-19af4"
age
406254
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9uiqCF7fOvn2WbIiaUkcKxJ%2FXyYQ24S6oSVZtt7nNQkjQTiEECbppNfwmxNmyJTzBBC6uygC8NtFFBywXBR5xZ%2F87NkKyyAMOvonr6fsyXCQDf5Mo%2FfRjDJdbUD9aahac116k%2F9wNlNQgyd1IiMeWYP9"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 31 Oct 2025 10:13:42 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 10 Nov 2024 10:13:42 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e05457e58372365-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
105204
server
cloudflare
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/
434 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088653
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6821702018706373
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25667618a3a21ec155cc3c4c8e0e874fddb040bfb7fd19b3971ce7f592cd54fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://freeutka.xyz/

Response headers

content-encoding
br
etag
18255118441574510074
x-content-type-options
nosniff
expires
Sun, 10 Nov 2024 10:13:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 10 Nov 2024 10:13:42 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147806
x-xss-protection
0
server
cafe
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241106/r20190131/ Frame 460B
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241106/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088653
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://freeutka.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
77548
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4134
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Nov 2024 12:41:15 GMT
etag
4475648825157136472
expires
Sat, 23 Nov 2024 12:41:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D3FA
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6821702018706373&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1731156260&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Ffreeutka.xyz%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731233622707&bpp=4&bdt=346&idt=338&shv=r20241106&mjsv=m202410300101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7796765206071&frm=20&pv=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31088716%2C31088724%2C95331833%2C95343682%2C95344189%2C95346759%2C31088653%2C95345966&oid=2&pvsid=3189377590233605&tmod=1067430421&uas=0&nvt=1&fsapi=1&fc=1920&brdim=900%2C900%2C900%2C900%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=366
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088653
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://freeutka.xyz/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Nov 2024 10:13:43 GMT
expires
Sun, 10 Nov 2024 10:13:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
api.desingfreeutka.workers.dev/
21 B
634 B
Fetch
General
Full URL
https://api.desingfreeutka.workers.dev/
Requested by
Host: freeutka.xyz
URL: https://freeutka.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:385f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0587694d437b2079ff3aa2a258fec1436c9bf404b4161d29f84c39f3ba9fdd01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://freeutka.xyz/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eQx1Yx8s5te2TpHiEdax43yyL6%2F4CTa4U0SZCeRwcqhstNzn0R830dGja4YU9Zwn0lFlYiZBm%2BWDBTY0oe8GITfMnBMQlHd61eK04vB%2FLnGU9knYt%2FzY8zWNAqvSA3DZGoRm9IOJqZsED%2FALCFhUKsWKsedgudHdwFgE4gA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e054584b89841d5-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
21
server-timing
cfL4;desc="?proto=QUIC&rtt=40859&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4202&recv_bytes=4263&delivery_rate=72885&cwnd=12000&unsent_bytes=0&cid=625e8c7ed4a6d7c7&ts=169&x=1", cfHdrFlush;dur=0
date
Sun, 10 Nov 2024 10:13:43 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241106&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088653
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3cd56fc43a56fefedb5620796338ac72c23d8fdf858f32208cb605d694f015bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://freeutka.xyz/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12876
date
Sun, 10 Nov 2024 10:13:43 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.ico
freeutka.xyz/
103 KB
13 KB
Other
General
Full URL
https://freeutka.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c1ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2a7ddc973fbe60c0bc739ca23d0e7a0e53dab2e1b4052df07031f7b67584e13

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://freeutka.xyz/

Response headers

x-fastly-request-id
46e3321732c297eb3305429056815d9520bd3850
content-encoding
gzip
cf-cache-status
EXPIRED
etag
W/"672f5924-19d19"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lRQEwv5ilhsameadny31iTHsPlgi4akPZ8QmGQpb27MqwtGIavIgwjmI%2FCxavg5trE8aAaO%2BWhGsOPb5wZTmnY9RKHf%2FncWWSba1kNQneWnrFqU5ggFDSsPTz70weOkSO3j611tQ%2Bno75Mg%3D"}],"group":"cf-nel","max_age":604800}
x-github-request-id
67DC:2FFD76:1380677:162850D:67308757
expires
Sun, 10 Nov 2024 10:23:43 GMT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-cache
MISS
server-timing
cfL4;desc="?proto=QUIC&rtt=47457&sent=2105&recv=270&lost=223&retrans=223&sent_bytes=2404284&recv_bytes=18410&delivery_rate=6961308&cwnd=342390&unsent_bytes=0&cid=00b9f4009b603e27&ts=1402&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 10 Nov 2024 10:13:43 GMT
content-type
image/vnd.microsoft.icon
last-modified
Sat, 09 Nov 2024 12:44:20 GMT
x-served-by
cache-lga21941-LGA
x-cache-hits
0
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1731233624.586950,VS0,VE63
via
1.1 varnish
cf-ray
8e0545835fac18ea-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
12169
server
cloudflare
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088653
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://freeutka.xyz/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Sun, 10 Nov 2024 10:13:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 10:13:44 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 26A3
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://freeutka.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2931
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Nov 2024 09:24:53 GMT
expires
Sun, 10 Nov 2024 10:14:53 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C2D3
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TCPD2q51iSslFNPt22DCOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://freeutka.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-TCPD2q51iSslFNPt22DCOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Nov 2024 10:13:44 GMT
expires
Sun, 10 Nov 2024 10:13:44 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241106&jk=3189377590233605&bg=!AQKlAk3NAAYQZ9WPMGc7ADQBe5WfONgt9kzni6VxS14WyfkCsKlyKAYz_Agv43E20-ZP8uoOfO9gkpSiR3NykiSFrYL4AgAAAHtSAAAAA2gBB34ANpAACPgI-ObpmJgbmfX9wd03TVnXEdhiMfDbIohv5mKXEa0iRNzxBbxMrjdvV4e5fXv0gANiG5kClFd74eY0DRupJ-o-XIrr3JhM6N9JOz_wfbFAXyHiLJDF5IV34J2gC157J8dupSTNRt7CIgtfovwfGWnGcYC8lv-SsRcsk2r22nN6f2bDF4Zv5379ZRx_JujAffjWmZig65KcvfhdYOmzTVyXLwZKLBzF6BMdpCgShnIPED8UNGzpMLxNW6wz44aydd9Ups16eTfEFLbrSmZjI0scv5K4s0ML5rbMgGbaZLYI460_S0hTFAiPzOANW4gw0ywB6-wkQmGKtfl9F5AJ71Xl5VcRlpqwIeqVSqrnpn635PZ4XLvGcU5wZgEOx4NXmzmHI2k341brIoAXfzt75cEkwqXVHf_sAyxLGFNSdy3_2sy9zzWQ0OOJjydcVoNF5JOQOUHUht7iBThbu8n5Fg_qjNg26BW2MxsTlVM8yY5O6ZaBDo6VsaYf2CnR1FcGiYJaCApEuVN6LdHCDIevuaxpRTz1UBzlMaR4iOCJQrUrOv6Ggs9ZUNQNYOqlNiJ_XMfpD19xkanYGVfcTiF4lxvOfdLi6ESSkl_04XFb2jlLqmg3i8pYWhxLGNvrlXrss6ZUpNb5tTd6qU-lUIUQ3llEjxLJVjpDVS1iFwlETt-PyxdAja_JCBvdBxuVd0cuSH3ZvECfO2mJ4j-mdYCmJqh2ghbqTkXEce-Z0v5f4d8nO5rGZr0P8xTU0mZ3R9pucUa5-yk3nHN2iHp8AKGi_fvbeaWMSTQPESfR9zWZYW9ZmHj6VeIvvjYWolYH6tUt0jDr6ZsFhMvN4mxeDOxudeAYViWsS-vXl4ppLnhrxmYkEV7iGytsFIDnHOMwTkVIVJ8gy9d44EqyVIpBRKeo0n5lFjm6BjhxwI-HeQJ71VH5xWuigp128P8NLA

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| checkServerAvailability object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission