www.hotfreelist.com Open in urlscan Pro
66.45.231.19 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.hotfreelist.com/3/posts/5/56/1699495.html
Submission: On April 08 via manual (April 8th 2021, 10:20:43 am UTC) from IN

Summary HTTP 37 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 37 HTTP transactions. The main IP is 66.45.231.19, located in United States and belongs to IS-AS-1, US. The main domain is www.hotfreelist.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 13th 2021. Valid for: 3 months.

This is the only time www.hotfreelist.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	66.45.231.19 66.45.231.19	19318 (IS-AS-1) (IS-AS-1)
8	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
37	10

9 66.45.231.19 (United States)

ASN19318 (IS-AS-1, US)

www.hotfreelist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.210.248.44 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	155 KB
9	hotfreelist.com www.hotfreelist.com	30 KB
7	google.com fundingchoicesmessages.google.com adservice.google.com	80 KB
5	doubleclick.net googleads.g.doubleclick.net	7 KB
2	addthis.com s7.addthis.com	114 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	799 B
1	googleadservices.com partner.googleadservices.com	642 B
1	addthisedge.com v1.addthisedge.com	207 B
1	moatads.com z.moatads.com	1 KB
37	10

	Domain	Requested by
9	www.hotfreelist.com	www.hotfreelist.com
7	pagead2.googlesyndication.com	www.hotfreelist.com pagead2.googlesyndication.com tpc.googlesyndication.com
6	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	s7.addthis.com	www.hotfreelist.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
37	12

This site contains links to these domains. Also see Links.

Domain
www.addthis.com
www.repaircontact.com

Subject Issuer	Validity	Valid
hotfreelist.com cPanel, Inc. Certification Authority	`2021-03-13` - `2021-06-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-06` - `2022-04-11`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.hotfreelist.com/3/posts/5/56/1699495.html
Frame ID: 8BAB49E020B49180B750EADFD7EE80D1
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/zrt_lookup.html
Frame ID: 8B1C1394CB58506A5A6336720BBBB8D2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3146401054668066&output=html&adk=1812271804&adf=3025194257&lmt=1617877226&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.hotfreelist.com%2F3%2Fposts%2F5%2F56%2F1699495.html&ea=0&flash=0&pra=5&wgl=1&dt=1617877226262&bpp=20&bdt=429&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8264558176179&frm=20&pv=2&ga_vid=257196039.1617877227&ga_sid=1617877227&ga_hid=421553139&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387%2C21065724&oid=3&pvsid=4222596977022664&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=492
Frame ID: 3117C1D42FFB2F1DC12ABD88D42B5BD4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3146401054668066&output=html&h=280&slotname=3272906692&adk=3979533568&adf=1952545992&pi=t.ma~as.3272906692&w=930&fwrn=4&fwrnh=100&lmt=1617877226&rafmt=1&psa=0&format=930x280&url=https%3A%2F%2Fwww.hotfreelist.com%2F3%2Fposts%2F5%2F56%2F1699495.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617877226262&bpp=45&bdt=429&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8264558176179&frm=20&pv=1&ga_vid=257196039.1617877227&ga_sid=1617877227&ga_hid=421553139&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=69&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387%2C21065724&oid=3&pvsid=4222596977022664&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cKjzRJDq5t&p=https%3A//www.hotfreelist.com&dtd=521
Frame ID: 6E4C6EC8D83D0D7DC948CCE25F0397D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3146401054668066&output=html&h=240&slotname=8902464326&adk=3419311637&adf=2350897650&pi=t.ma~as.8902464326&w=120&lmt=1617877226&psa=0&format=120x240&url=https%3A%2F%2Fwww.hotfreelist.com%2F3%2Fposts%2F5%2F56%2F1699495.html&flash=0&wgl=1&dt=1617877226262&bpp=12&bdt=429&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=8264558176179&frm=20&pv=1&ga_vid=257196039.1617877227&ga_sid=1617877227&ga_hid=421553139&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=335&ady=399&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387%2C21065724&oid=3&pvsid=4222596977022664&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QAOYU8uqLd&p=https%3A//www.hotfreelist.com&dtd=542
Frame ID: B9BB14CFEF9350AD244FFC2FF0B3CF93
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3146401054668066&output=html&h=600&slotname=9866355346&adk=1139104167&adf=3896602186&pi=t.ma~as.9866355346&w=120&lmt=1617877226&psa=0&format=120x600&url=https%3A%2F%2Fwww.hotfreelist.com%2F3%2Fposts%2F5%2F56%2F1699495.html&flash=0&wgl=1&dt=1617877226262&bpp=1&bdt=429&idt=2&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C120x240&nras=1&correlator=8264558176179&frm=20&pv=1&ga_vid=257196039.1617877227&ga_sid=1617877227&ga_hid=421553139&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=1087&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387%2C21065724&oid=3&pvsid=4222596977022664&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=FqYCJXCa1z&p=https%3A//www.hotfreelist.com&dtd=549
Frame ID: 3D8B919F5736879F7B9636606EE2CADC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: FAB63D3B6F3A1FD4243D39F6DA5AC0D2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

37
Requests

100 %
HTTPS

60 %
IPv6

10
Domains

12
Subdomains

10
IPs

2
Countries

417 kB
Transfer

1100 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addthis.com/bookmark.php?v=20
Title: Share

Search URL Search Domain Scan URL

URL: https://www.repaircontact.com/quickbooks-2021-not-printing.php
Title: https://www.repaircontact.com/quickbooks-2021-not-printing.php

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 1699495.html Show response
www.hotfreelist.com/3/posts/5/56/ 15 KB
6 KB 343ms
123ms Document
text/html 66.45.231.19
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotfreelist.com/3/posts/5/56/1699495.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.45.231.19 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ccddf92adbd03829ce4617c472219a63969324aff461584366ac096a952e37f5

Request headers

:method: GET
:authority: www.hotfreelist.com
:scheme: https
:path: /3/posts/5/56/1699495.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

set-cookie: PHPSESSID=i2ts4u1ho2aiek41d55j7h06b2; path=/; secure xzclf_cityid=3; expires=Mon, 07-Jun-2021 10:20:25 GMT; Max-Age=5184000; path=/; secure hits=%3BA1699495; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 5192
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Apr 2021 10:20:25 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 58ms
24ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.hotfreelist.com
URL: https://www.hotfreelist.com/3/posts/5/56/1699495.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5e4bcbd0115f13554979bfc01b347125139ed54f7e8e05f59ba0b785d34f546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 10:20:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48221
x-xss-protection: 0
server: cafe
etag: 15771468893096115367
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 08 Apr 2021 10:20:25 GMT

GET
H3-Q050 200 style.css
www.hotfreelist.com/ 9 KB
3 KB 235ms
113ms Stylesheet
text/css 66.45.231.19
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotfreelist.com/style.css
Requested by: Host: www.hotfreelist.com
URL: https://www.hotfreelist.com/3/posts/5/56/1699495.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 66.45.231.19 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: bd330a46009005649c06122eefc533c2ab0dea2509fdb9a3ae3de649cec69df8

Request headers

Referer: https://www.hotfreelist.com/3/posts/5/56/1699495.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 10:20:26 GMT
content-encoding: br
last-modified: Thu, 01 Nov 2018 21:49:38 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2697
expires: Thu, 15 Apr 2021 10:20:26 GMT

GET
H3-Q050 200 pager.css
www.hotfreelist.com/ 965 B
393 B 235ms
113ms Stylesheet
text/css 66.45.231.19
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotfreelist.com/pager.css
Requested by: Host: www.hotfreelist.com
URL: https://www.hotfreelist.com/3/posts/5/56/1699495.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 66.45.231.19 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 8a18c6cf371902cb4f0ba1e085daba40066bf6f2711280201578e08d231142b8

Request headers

Referer: https://www.hotfreelist.com/3/posts/5/56/1699495.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 10:20:26 GMT
content-encoding: br
last-modified: Tue, 08 Apr 2014 21:33:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 346
expires: Thu, 15 Apr 2021 10:20:26 GMT

GET
H3-Q050 200 cal.css
www.hotfreelist.com/ 474 B
281 B 236ms
114ms Stylesheet
text/css 66.45.231.19
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotfreelist.com/cal.css
Requested by: Host: www.hotfreelist.com
URL: https://www.hotfreelist.com/3/posts/5/56/1699495.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 66.45.231.19 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: fab744b4d3af481417084ece049be0ce196a646abd6204bdba5602e093635e2f

Request headers

Referer: https://www.hotfreelist.com/3/posts/5/56/1699495.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 10:20:26 GMT
content-encoding: br
last-modified: Tue, 08 Apr 2014 21:32:33 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 234
expires: Thu, 15 Apr 2021 10:20:26 GMT

GET
H3-Q050 200 logo.gif
www.hotfreelist.com/images/ 8 KB
8 KB 234ms
114ms Image
image/gif 66.45.231.19
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotfreelist.com/images/logo.gif
Requested by: Host: www.hotfreelist.com
URL: https://www.hotfreelist.com/3/posts/5/56/1699495.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 66.45.231.19 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5126d0f2d1927a334ab3e40505248ab72af82210d74d8d3955567385d24a6733

Request headers

Referer: https://www.hotfreelist.com/3/posts/5/56/1699495.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 10:20:26 GMT
last-modified: Tue, 08 Apr 2014 21:34:24 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8421
expires: Thu, 15 Apr 2021 10:20:26 GMT

GET
H3-Q050 200 spacer.gif
www.hotfreelist.com/images/ 43 B
95 B 234ms
114ms Image
image/gif 66.45.231.19
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotfreelist.com/images/spacer.gif
Requested by: Host: www.hotfreelist.com
URL: https://www.hotfreelist.com/3/posts/5/56/1699495.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 66.45.231.19 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.hotfreelist.com/3/posts/5/56/1699495.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 10:20:26 GMT
last-modified: Tue, 08 Apr 2014 21:34:25 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 43
expires: Thu, 15 Apr 2021 10:20:26 GMT

GET
H3-Q050 200 bullet.gif
www.hotfreelist.com/images/ 57 B
103 B 234ms
114ms Image
image/gif 66.45.231.19
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotfreelist.com/images/bullet.gif
Requested by: Host: www.hotfreelist.com
URL: https://www.hotfreelist.com/3/posts/5/56/1699495.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 66.45.231.19 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f27bcd5609939317883815c1471258eb73fd8001f1aae3d9cd0efbb5c3b3259e

Request headers

Referer: https://www.hotfreelist.com/3/posts/5/56/1699495.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 10:20:26 GMT
last-modified: Tue, 08 Apr 2014 21:34:23 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 57
expires: Thu, 15 Apr 2021 10:20:26 GMT

GET
H2 200 sm-plus.gif
s7.addthis.com/static/btn/ 79 B
294 B 152ms
77ms Image
image/gif 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s7.addthis.com/static/btn/sm-plus.gif

Requested by

Host: www.hotfreelist.com
URL: https://www.hotfreelist.com/3/posts/5/56/1699495.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

8eb9e2b352509e84dd54890cec75f6429660d1d5a2dd88422297611adaa4ab57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: "5ed917ff-4f"
content-type: image/gif
cache-control: public, max-age=86313600
date: Thu, 08 Apr 2021 10:20:25 GMT
x-host: s7.addthis.com
accept-ranges: bytes
timing-allow-origin: *
content-length: 79

GET
H3-Q050 200 606ed82f995701fe8b4e19855.jpg
www.hotfreelist.com/adpics/ 12 KB
12 KB 233ms
114ms Image
image/jpeg 66.45.231.19
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotfreelist.com/adpics/606ed82f995701fe8b4e19855.jpg
Requested by: Host: www.hotfreelist.com
URL: https://www.hotfreelist.com/3/posts/5/56/1699495.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 66.45.231.19 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ce6f84f0ff1787d55624d5b575a7ec082228192e7ec23c87baad998305d4fae5

Request headers

Referer: https://www.hotfreelist.com/3/posts/5/56/1699495.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 10:20:26 GMT
last-modified: Thu, 08 Apr 2021 10:17:19 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12523
expires: Thu, 15 Apr 2021 10:20:26 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/200/ 353 KB
114 KB 109ms
35ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/200/addthis_widget.js

Requested by

Host: www.hotfreelist.com
URL: https://www.hotfreelist.com/3/posts/5/56/1699495.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Thu, 08 Apr 2021 10:20:25 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H3-Q050 200 captcha.png.php
www.hotfreelist.com/ 267 B
498 B 245ms
127ms Image
image/png 66.45.231.19
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotfreelist.com/captcha.png.php?753
Requested by: Host: www.hotfreelist.com
URL: https://www.hotfreelist.com/3/posts/5/56/1699495.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 66.45.231.19 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 538eac1ba4b4b00ccd7165c3a019371bedb138eba06923dc05738e2c4f286d6e

Request headers

Referer: https://www.hotfreelist.com/3/posts/5/56/1699495.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 10:20:26 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: LiteSpeed
content-type: image/png
content-length: 267
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/ 219 KB
82 KB 61ms
45ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3146401054668066&plah=www.hotfreelist.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bde6be5b8578944bac32794ff4c3b588c0769e535cab938a5d172a99a85b28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 10:20:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83934
x-xss-protection: 0
server: cafe
etag: 11485549009503256300
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 08 Apr 2021 10:20:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/ Frame 8B1C 10 KB
5 KB 36ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210406/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hotfreelist.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hotfreelist.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 07 Apr 2021 14:06:23 GMT
expires: Wed, 21 Apr 2021 14:06:23 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 72842
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ca-pub-3146401054668066 Show response
fundingchoicesmessages.google.com/i/ 83 KB
32 KB 67ms
41ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3146401054668066?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3146401054668066&plah=www.hotfreelist.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

318046ab8bdc103407f01de38c5b4cf661bbd352a57446b22ffccadb8b1a2a95

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ri4yn4uGQHXPwp7B5dLcHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-ri4yn4uGQHXPwp7B5dLcHQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 10:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-ri4yn4uGQHXPwp7B5dLcHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-ri4yn4uGQHXPwp7B5dLcHQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 98ms
31ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/200/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 10:20:26 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=60511
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/4a1806ae49a62752/ 27 B
207 B 208ms
199ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/4a1806ae49a62752/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/200/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 10:20:26 GMT
content-encoding: gzip
content-disposition: attachment; filename=1.txt
cache-control: public, max-age=49, s-maxage=86400
content-length: 47
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8

POST
H3-Q050 204 AGSKWxXAhvCrIO5WSDzKB2TmPGNJUnv9zmXA20CKaAzkZ3qXKp8Ac_eQI63J0RUQYzHPL1TVrmbDIiM3A4KCNodFug== Show response
fundingchoicesmessages.google.com/l/ 0
837 B 85ms
23ms XHR
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxXAhvCrIO5WSDzKB2TmPGNJUnv9zmXA20CKaAzkZ3qXKp8Ac_eQI63J0RUQYzHPL1TVrmbDIiM3A4KCNodFug==?pvid=9A87E3F4-CDF4-44B4-A5E9-31597962B661&anonid=59EE12B3-A721-488F-9978-25C55E2F3B2B

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.DyXAm5XV9lU.es5.O/d=1/ct=zgms/rs=AJlcJMxcp6nri3PooARv5uEGl_brmIat9g/m=loader_js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8WDHSBfvaLjkIsmW3CwAug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-8WDHSBfvaLjkIsmW3CwAug' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Apr 2021 10:20:26 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.hotfreelist.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-8WDHSBfvaLjkIsmW3CwAug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-8WDHSBfvaLjkIsmW3CwAug' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxXc4C_5D0ijAqKiQhjcodcrwXjZ2FRY9aqUpMHQ-5bdN3jlmycmn3U6O8cc66WgY-nKi_WTTsv7rPuN2-X85g== Show response
fundingchoicesmessages.google.com/f/ 57 KB
23 KB 69ms
55ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXc4C_5D0ijAqKiQhjcodcrwXjZ2FRY9aqUpMHQ-5bdN3jlmycmn3U6O8cc66WgY-nKi_WTTsv7rPuN2-X85g==?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjE3ODc3MjI2LDY4NDAwMDAwMF0sIjlBODdFM0Y0LUNERjQtNDRCNC1BNUU5LTMxNTk3OTYyQjY2MSIsIjU5RUUxMkIzLUE3MjEtNDg4Ri05OTc4LTI1QzU1RTJGM0IyQiIsbnVsbCxbbnVsbCxbN11dXQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9bed3041058559364049a7b35b5923de0b676074884f16f24d950f07e4eb03a4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XRV8MPjwQaXyX+EZolUU+A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-XRV8MPjwQaXyX+EZolUU+A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 10:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-XRV8MPjwQaXyX+EZolUU+A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-XRV8MPjwQaXyX+EZolUU+A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
642 B 111ms
47ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.hotfreelist.com&callback=_gfp_s_&client=ca-pub-3146401054668066

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

297cc0b8b1face50baf3ee4409eff881abcbfb5b77526224d590c2a72aa9cf8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 10:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 46ms
14ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hotfreelist.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 10:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 47ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hotfreelist.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 10:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3117 5 KB
1 KB 134ms
114ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3146401054668066&output=html&adk=1812271804&adf=3025194257&lmt=1617877226&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.hotfreelist.com%2F3%2Fposts%2F5%2F56%2F1699495.html&ea=0&flash=0&pra=5&wgl=1&dt=1617877226262&bpp=20&bdt=429&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8264558176179&frm=20&pv=2&ga_vid=257196039.1617877227&ga_sid=1617877227&ga_hid=421553139&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387%2C21065724&oid=3&pvsid=4222596977022664&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=492

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfabf589b450580a0752009d74a6c2bea851879b7f6172770c659a0dc287990a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-3146401054668066&output=html&adk=1812271804&adf=3025194257&lmt=1617877226&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.hotfreelist.com%2F3%2Fposts%2F5%2F56%2F1699495.html&ea=0&flash=0&pra=5&wgl=1&dt=1617877226262&bpp=20&bdt=429&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8264558176179&frm=20&pv=2&ga_vid=257196039.1617877227&ga_sid=1617877227&ga_hid=421553139&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387%2C21065724&oid=3&pvsid=4222596977022664&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=492
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hotfreelist.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hotfreelist.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 08 Apr 2021 10:20:26 GMT
server: cafe
content-length: 581
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 08-Apr-2021 10:35:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 08 Apr 2021 10:20:26 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6E4C 405 B
231 B 128ms
126ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3146401054668066&output=html&h=280&slotname=3272906692&adk=3979533568&adf=1952545992&pi=t.ma~as.3272906692&w=930&fwrn=4&fwrnh=100&lmt=1617877226&rafmt=1&psa=0&format=930x280&url=https%3A%2F%2Fwww.hotfreelist.com%2F3%2Fposts%2F5%2F56%2F1699495.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617877226262&bpp=45&bdt=429&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8264558176179&frm=20&pv=1&ga_vid=257196039.1617877227&ga_sid=1617877227&ga_hid=421553139&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=69&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387%2C21065724&oid=3&pvsid=4222596977022664&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cKjzRJDq5t&p=https%3A//www.hotfreelist.com&dtd=521

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7622be96517a8440749d21c6d524f2d1c82adbf2ba789c4859bbe29197faa741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-3146401054668066&output=html&h=280&slotname=3272906692&adk=3979533568&adf=1952545992&pi=t.ma~as.3272906692&w=930&fwrn=4&fwrnh=100&lmt=1617877226&rafmt=1&psa=0&format=930x280&url=https%3A%2F%2Fwww.hotfreelist.com%2F3%2Fposts%2F5%2F56%2F1699495.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617877226262&bpp=45&bdt=429&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8264558176179&frm=20&pv=1&ga_vid=257196039.1617877227&ga_sid=1617877227&ga_hid=421553139&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=69&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387%2C21065724&oid=3&pvsid=4222596977022664&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cKjzRJDq5t&p=https%3A//www.hotfreelist.com&dtd=521
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hotfreelist.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hotfreelist.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 08 Apr 2021 10:20:26 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 08-Apr-2021 10:35:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 08 Apr 2021 10:20:26 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B9BB 405 B
230 B 103ms
103ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3146401054668066&output=html&h=240&slotname=8902464326&adk=3419311637&adf=2350897650&pi=t.ma~as.8902464326&w=120&lmt=1617877226&psa=0&format=120x240&url=https%3A%2F%2Fwww.hotfreelist.com%2F3%2Fposts%2F5%2F56%2F1699495.html&flash=0&wgl=1&dt=1617877226262&bpp=12&bdt=429&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=8264558176179&frm=20&pv=1&ga_vid=257196039.1617877227&ga_sid=1617877227&ga_hid=421553139&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=335&ady=399&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387%2C21065724&oid=3&pvsid=4222596977022664&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QAOYU8uqLd&p=https%3A//www.hotfreelist.com&dtd=542

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df899ea73be0b55ebdf4fb4eee19337f8ead6427bd82692796e5304de67ac296

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-3146401054668066&output=html&h=240&slotname=8902464326&adk=3419311637&adf=2350897650&pi=t.ma~as.8902464326&w=120&lmt=1617877226&psa=0&format=120x240&url=https%3A%2F%2Fwww.hotfreelist.com%2F3%2Fposts%2F5%2F56%2F1699495.html&flash=0&wgl=1&dt=1617877226262&bpp=12&bdt=429&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280&nras=1&correlator=8264558176179&frm=20&pv=1&ga_vid=257196039.1617877227&ga_sid=1617877227&ga_hid=421553139&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=335&ady=399&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387%2C21065724&oid=3&pvsid=4222596977022664&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QAOYU8uqLd&p=https%3A//www.hotfreelist.com&dtd=542
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hotfreelist.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hotfreelist.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 08 Apr 2021 10:20:26 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 08-Apr-2021 10:35:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 08 Apr 2021 10:20:26 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3D8B 405 B
228 B 121ms
120ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3146401054668066&output=html&h=600&slotname=9866355346&adk=1139104167&adf=3896602186&pi=t.ma~as.9866355346&w=120&lmt=1617877226&psa=0&format=120x600&url=https%3A%2F%2Fwww.hotfreelist.com%2F3%2Fposts%2F5%2F56%2F1699495.html&flash=0&wgl=1&dt=1617877226262&bpp=1&bdt=429&idt=2&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C120x240&nras=1&correlator=8264558176179&frm=20&pv=1&ga_vid=257196039.1617877227&ga_sid=1617877227&ga_hid=421553139&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=1087&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387%2C21065724&oid=3&pvsid=4222596977022664&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=FqYCJXCa1z&p=https%3A//www.hotfreelist.com&dtd=549

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b99bd73c745a6e1ebebea405ead4590d43f26fd64bdcc5c0241a1f0f92e16113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-3146401054668066&output=html&h=600&slotname=9866355346&adk=1139104167&adf=3896602186&pi=t.ma~as.9866355346&w=120&lmt=1617877226&psa=0&format=120x600&url=https%3A%2F%2Fwww.hotfreelist.com%2F3%2Fposts%2F5%2F56%2F1699495.html&flash=0&wgl=1&dt=1617877226262&bpp=1&bdt=429&idt=2&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C930x280%2C120x240&nras=1&correlator=8264558176179&frm=20&pv=1&ga_vid=257196039.1617877227&ga_sid=1617877227&ga_hid=421553139&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=1087&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387%2C21065724&oid=3&pvsid=4222596977022664&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=FqYCJXCa1z&p=https%3A//www.hotfreelist.com&dtd=549
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hotfreelist.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hotfreelist.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 08 Apr 2021 10:20:26 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 08-Apr-2021 10:35:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 08 Apr 2021 10:20:26 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d686acfc12a44fc472fb2a3c0ff9baa4638ced8f0da5b32f9ae5c15a2611def

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 10:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617795245888949"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Thu, 08 Apr 2021 10:20:26 GMT

POST
H3-Q050 204 AGSKWxWeeMYsqPOhUc_LsF6V_bHKCwYDCD4dWzsEpQUMS9wbm9REXH7S7n1mBYqMk07OOV8Y_9tO6MsPjh2eC869yfSQj0bVQcvEL5ZuLDBzXhKP9rf_pS5y7wKjCsX5uBZpqtLq66HcE86j95I9XbWZ3vcndSb01TTHqgd9_hGQbr_e02rksZeQBZISqZU= Show response
fundingchoicesmessages.google.com/l/ 0
337 B 24ms
24ms XHR
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxWeeMYsqPOhUc_LsF6V_bHKCwYDCD4dWzsEpQUMS9wbm9REXH7S7n1mBYqMk07OOV8Y_9tO6MsPjh2eC869yfSQj0bVQcvEL5ZuLDBzXhKP9rf_pS5y7wKjCsX5uBZpqtLq66HcE86j95I9XbWZ3vcndSb01TTHqgd9_hGQbr_e02rksZeQBZISqZU=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.en_US.wdjMEMCVEgc.es5.O/d=1/ct=zgms/rs=AJlcJMwID6BPue4wsEcKCUXw7gtQ0c7ZfQ/m=iabccpawebsignalscript

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CX95akWx2SSJHD9U2QQfDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-CX95akWx2SSJHD9U2QQfDA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Apr 2021 10:20:26 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.hotfreelist.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-CX95akWx2SSJHD9U2QQfDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-CX95akWx2SSJHD9U2QQfDA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxWeeMYsqPOhUc_LsF6V_bHKCwYDCD4dWzsEpQUMS9wbm9REXH7S7n1mBYqMk07OOV8Y_9tO6MsPjh2eC869yfSQj0bVQcvEL5ZuLDBzXhKP9rf_pS5y7wKjCsX5uBZpqtLq66HcE86j95I9XbWZ3vcndSb01TTHqgd9_hGQbr_e02rksZeQBZISqZU= Show response
fundingchoicesmessages.google.com/l/ 0
517 B 21ms
21ms XHR
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3vzLWkwPBj0sImKm0N+JTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-3vzLWkwPBj0sImKm0N+JTQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Apr 2021 10:20:26 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.hotfreelist.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-3vzLWkwPBj0sImKm0N+JTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-3vzLWkwPBj0sImKm0N+JTQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxXqvprCZBALDhVt9VrQx1UwdPxyd6VcqTSEEDF--vLjns7XxUBv2AKFSnneia6_Lgq-MVMzo6bH_mRRJrpVGFWjirCNbU9ceYpQEC6vACtSFn9QcbToyRXbTTrmcHzVC7iucTWMPSAl9665DylOBOWZv3VOqFDufcUMhhRUmo1FCBSLZWcRzQqXLJE= Show response
fundingchoicesmessages.google.com/f/ 63 KB
24 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXqvprCZBALDhVt9VrQx1UwdPxyd6VcqTSEEDF--vLjns7XxUBv2AKFSnneia6_Lgq-MVMzo6bH_mRRJrpVGFWjirCNbU9ceYpQEC6vACtSFn9QcbToyRXbTTrmcHzVC7iucTWMPSAl9665DylOBOWZv3VOqFDufcUMhhRUmo1FCBSLZWcRzQqXLJE=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjE3ODc3MjI3LDI0MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNywxMF1dXQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c43c5528689ba6d5c1926c4f04a74e9f6e2d670db556058bf31d626c8182dd64

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pRnuriBynp+WnYxaYnpg3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-pRnuriBynp+WnYxaYnpg3Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 10:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-pRnuriBynp+WnYxaYnpg3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-pRnuriBynp+WnYxaYnpg3Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 39ms
38ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=p&pg_h=1774&su=www.hotfreelist.com&d=5000

Requested by

Host: www.hotfreelist.com
URL: https://www.hotfreelist.com/3/posts/5/56/1699495.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 10:20:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 48ms
33ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210406&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e4508ea41a489cddedb28ac00da8bb9d7e98682840786470dff7e7350a32cb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 10:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6597
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 44ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 10:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 08 Apr 2021 10:20:27 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame FAB6 12 KB
5 KB 41ms
16ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hotfreelist.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hotfreelist.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 08 Apr 2021 10:08:17 GMT
expires: Fri, 08 Apr 2022 10:08:17 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 730
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame FAB6 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 21:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 46681
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Thu, 07 Apr 2022 21:22:26 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 40ms
40ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210406&jk=4222596977022664&bg=!BAelB0PNAAY56aLOOek7ACkAdvg8Wnnew7hlYqi-5gySmy11oazg6a2xLCb69Ydah0bUpShwNfZSbwIAAADvUgAAAApoAQcKADvG84UcwFTwipadE_Ugj4OWOU_zZ2f-MLFgSnzyOd5uYiFWi_FuVx5_7rZKKesLEjSkvO46ZEPkhY9IYpkB2kNXkUBc7ppuHpbbeomQ8nV3iuQVoLkTJKBj8UPLe6zcovES3aV1ilLYin_7EFIA9z3FnvtoiMOMi8jH5rUbIJ1KhYUrhSDLkYKQsxiFyE6bn4-O0UY3DBkjtiRTydKhJrpCNjtZCi7uePxwRxphjD2Boqhc6gaoGmCtdZuekiXWRTanbb0G5SyJ2WVHQGYDvaawDapIoUNR5ebE5zqlM5hUgcT7V6VGIfwsKjG1S3t5J18LSWfQYpw3tOzUi8pGh7RqaVNGfapYXQS7EzdKV1XVwqM_tU9aWF7hu_T677m5hVMQBD28cuGUwPANShob6kAv9oUsRn9XksU5braVDVsJNbGYxmgohDiIaWVyN3OJ_I0UE7EayqGSq5g6ieuvI3lBj8lpr2WOWieHi2Ga9-avbhRMz-cmAY21KrxbuGLJlexHVDR47C4WGvqXeR2JQ9WFOxpHftQXhPatZvOgrAnL1wm2RWL7b10o2ZiXemMqbh63xF-rLBhhwbIzc233UG1XffGHWMD3xYIdAb34v4rTokibWUR2PvvBcnfUGQLkiABkv4AeD3JhqfOVbKESHn439AkOsNk9Tx3uSF0Yubh9dlW3UmyI_wTCJGj4vVd8bUWd3xDV5qlwNA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 10:20:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 39ms
39ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=s&pg_h=1774&su=www.hotfreelist.com&d=5000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hotfreelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 10:20:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:24:38	Name: test_cookie Value: CheckForPermission
.hotfreelist.com/	1970-01-20 02:46:13	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1617877226589],null,null]
www.hotfreelist.com/	1970-01-19 18:51:01	Name: xzclf_cityid Value: 3
www.hotfreelist.com/	1970-01-20 02:53:25	Name: __atuvc Value: 1%7C14
www.hotfreelist.com/	1969-12-31 23:59:59	Name: xz_captcha_code Value: b76221330a42575900a120745c618c38
www.hotfreelist.com/	1969-12-31 23:59:59	Name: hits Value: %3BA1699495
.hotfreelist.com/	1970-01-20 02:46:13	Name: __gads Value: ID=bfc8248516551504-22ca2e987aa700d3:T=1617877226:RT=1617877226:S=ALNI_MYPMb3hzf737xvh0zhXrEvasas-oQ
www.hotfreelist.com/	1970-01-19 17:24:39	Name: __atuvs Value: 606ed8ea3bbbb3fe000
www.hotfreelist.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: i2ts4u1ho2aiek41d55j7h06b2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s7.addthis.com
tpc.googlesyndication.com
v1.addthisedge.com
www.googletagservices.com
www.hotfreelist.com
z.moatads.com
142.250.185.66
2.18.235.40
23.210.248.44
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
66.45.231.19
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836
297cc0b8b1face50baf3ee4409eff881abcbfb5b77526224d590c2a72aa9cf8e
318046ab8bdc103407f01de38c5b4cf661bbd352a57446b22ffccadb8b1a2a95
4bde6be5b8578944bac32794ff4c3b588c0769e535cab938a5d172a99a85b28e
4e4508ea41a489cddedb28ac00da8bb9d7e98682840786470dff7e7350a32cb4
5126d0f2d1927a334ab3e40505248ab72af82210d74d8d3955567385d24a6733
538eac1ba4b4b00ccd7165c3a019371bedb138eba06923dc05738e2c4f286d6e
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
7622be96517a8440749d21c6d524f2d1c82adbf2ba789c4859bbe29197faa741
7d686acfc12a44fc472fb2a3c0ff9baa4638ced8f0da5b32f9ae5c15a2611def
8a18c6cf371902cb4f0ba1e085daba40066bf6f2711280201578e08d231142b8
8eb9e2b352509e84dd54890cec75f6429660d1d5a2dd88422297611adaa4ab57
9bed3041058559364049a7b35b5923de0b676074884f16f24d950f07e4eb03a4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5e4bcbd0115f13554979bfc01b347125139ed54f7e8e05f59ba0b785d34f546
b99bd73c745a6e1ebebea405ead4590d43f26fd64bdcc5c0241a1f0f92e16113
bd330a46009005649c06122eefc533c2ab0dea2509fdb9a3ae3de649cec69df8
c43c5528689ba6d5c1926c4f04a74e9f6e2d670db556058bf31d626c8182dd64
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
ccddf92adbd03829ce4617c472219a63969324aff461584366ac096a952e37f5
ce6f84f0ff1787d55624d5b575a7ec082228192e7ec23c87baad998305d4fae5
df899ea73be0b55ebdf4fb4eee19337f8ead6427bd82692796e5304de67ac296
dfabf589b450580a0752009d74a6c2bea851879b7f6172770c659a0dc287990a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f27bcd5609939317883815c1471258eb73fd8001f1aae3d9cd0efbb5c3b3259e
fab744b4d3af481417084ece049be0ce196a646abd6204bdba5602e093635e2f

www.hotfreelist.com Open in urlscan Pro 66.45.231.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

37 Requests

100 %HTTPS

60 %IPv6

10 Domains

12 Subdomains

10 IPs

2 Countries

417 kBTransfer

1100 kBSize

9 Cookies

2 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.hotfreelist.com Open in urlscan Pro
66.45.231.19 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

100 %
HTTPS

60 %
IPv6

10
Domains

12
Subdomains

10
IPs

2
Countries

417 kB
Transfer

1100 kB
Size

9
Cookies

37 HTTP transactions
0 data transactions