freetrx.fun Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://freetrx.fun/ftrx/
Submission: On June 16 via api (June 16th 2023, 2:37:19 pm UTC) from US — Scanned from NL

Summary HTTP 184 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 46 IPs in 4 countries across 43 domains to perform 184 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is freetrx.fun.
TLS certificate: Issued by GTS CA 1P5 on April 20th 2023. Valid for: 3 months.

This is the only time freetrx.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 35	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:249... 2600:9000:2491:ca00:2:e529:700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::681a:507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:303... 2606:4700:3035::ac43:97b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	199.241.100.27 199.241.100.27	27589 (MOJOHOST) (MOJOHOST)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223f:b200:1f:946:f000:21	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	192.0.78.146 192.0.78.146	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
14	2606:4700:20:... 2606:4700:20::681a:807	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:21:... 2606:4700:21::8d65:780a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3031::6815:2dfb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	92.204.136.218 92.204.136.218	398108 (GO-DADDY-...) (GO-DADDY-COM-LLC)
1	2a02:4780:a:7... 2a02:4780:a:761:0:199c:170d:8	47583 (AS-HOSTINGER) (AS-HOSTINGER)
6	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e6:... 2606:4700:e6::ac40:c021	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::ac43:1997	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:4aab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	176.9.77.232 176.9.77.232	24940 (HETZNER-AS) (HETZNER-AS)
4	45.133.44.53 45.133.44.53	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	176.9.28.133 176.9.28.133	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	162.19.58.159 162.19.58.159	16276 (OVH) (OVH)
1 1	2606:4700:303... 2606:4700:3030::ac43:b3c9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4427	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:9000:224... 2600:9000:2240:ba00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	172.64.151.83 172.64.151.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6812:82e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:224... 2600:9000:2240:6600:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a01:4f8:c0:2... 2a01:4f8:c0:2343::2	24940 (HETZNER-AS) (HETZNER-AS)
2	45.133.44.52 45.133.44.52	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2600:9000:223... 2600:9000:223c:ae00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
1	2600:9000:225... 2600:9000:225e:8400:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	157.90.84.242 157.90.84.242	24940 (HETZNER-AS) (HETZNER-AS)
1	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
1	18.198.226.87 18.198.226.87	16509 (AMAZON-02) (AMAZON-02)
184	46

35 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

freetrx.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cryptocoinsad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2491:ca00:2:e529:700:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.orquideassp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:507 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3035::ac43:97b9 (United States)

ASN13335 (CLOUDFLARENET, US)

servicer.adqva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.adqva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 199.241.100.27 (United States)

ASN27589 (MOJOHOST, US)
PTR: cs2196.mojohost.com

ss.mndsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pp.mndsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cp.mndsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:b200:1f:946:f000:21 (United States)

ASN16509 (AMAZON-02, US)

d3u598arehftfk.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.146 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

supertruco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:807 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bmcdn5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.bmcdn5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:21::8d65:780a (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::6815:2dfb (United States)

ASN13335 (CLOUDFLARENET, US)

static.surfe.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.204.136.218 (Warrenton, United States)

ASN398108 (GO-DADDY-COM-LLC, US)
PTR: ns1007988.ip-92-204-136.us

zerads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:4780:a:761:0:199c:170d:8 (Manchester, United Kingdom)

ASN47583 (AS-HOSTINGER, CY)

claim.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e6::ac40:c021 (United States)

ASN13335 (CLOUDFLARENET, US)

hbagency.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:1997 (United States)

ASN13335 (CLOUDFLARENET, US)

boot.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4aab (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 176.9.77.232 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.232.77.9.176.clients.your-server.de

acceptable.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

9186bf9778.cca63f7d30.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpshsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
795bb4615e.3cbc749ccf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 176.9.28.133 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.133.28.9.176.clients.your-server.de

rt183.surfe.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.58.159 (France)

ASN16276 (OVH, FR)
PTR: ns3096667.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:b3c9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.pokebtc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4427 (United States)

ASN13335 (CLOUDFLARENET, US)

www.pokania.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2240:ba00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.83 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:82e (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2240:6600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:c0:2343::2 (Germany)

ASN24940 (HETZNER-AS, DE)

ntvpwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.canstrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:ae00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.202.105.34 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:8400:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.31 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.226.87 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-226-87.eu-central-1.compute.amazonaws.com

audit-tcfv2.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	397 KB
28	freetrx.fun 1 redirects freetrx.fun	350 KB
17	mndsrv.com ss.mndsrv.com — Cisco Umbrella Rank: 179060 pp.mndsrv.com — Cisco Umbrella Rank: 157361 cp.mndsrv.com	175 KB
14	bmcdn5.com cdn.bmcdn5.com — Cisco Umbrella Rank: 130973 static.bmcdn5.com — Cisco Umbrella Rank: 196606	550 KB
7	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 14429 ic.tynt.com — Cisco Umbrella Rank: 8732 de.tynt.com — Cisco Umbrella Rank: 1841	8 KB
7	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 3300 test.cmp.quantcast.com — Cisco Umbrella Rank: 10584 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12380	147 KB
7	cryptocoinsad.com cryptocoinsad.com — Cisco Umbrella Rank: 310039	396 KB
7	adqva.com servicer.adqva.com — Cisco Umbrella Rank: 870178 img.adqva.com	29 KB
6	adskeeper.com s-img.adskeeper.com — Cisco Umbrella Rank: 21275	2 MB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	43 KB
5	surfe.pro static.surfe.pro — Cisco Umbrella Rank: 358948 rt183.surfe.pro — Cisco Umbrella Rank: 379473	7 KB
4	hbagency.it hbagency.it — Cisco Umbrella Rank: 163068	290 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	2 KB
3	a-ads.com acceptable.a-ads.com — Cisco Umbrella Rank: 120920
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	38 KB
3	orquideassp.com tags.orquideassp.com — Cisco Umbrella Rank: 166555	4 KB
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 33475	400 B
2	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1141	1 KB
2	canstrm.com js.canstrm.com — Cisco Umbrella Rank: 83766	51 KB
2	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 4744	95 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1215	18 KB
2	cca63f7d30.com 9186bf9778.cca63f7d30.com	58 KB
2	pbstck.com boot.pbstck.com — Cisco Umbrella Rank: 8121 cdn.pbstck.com — Cisco Umbrella Rank: 9408	47 KB
2	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 13998	2 KB
2	cloudfront.net d3u598arehftfk.cloudfront.net	65 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	56 KB
1	ntvpwpush.com ntvpwpush.com — Cisco Umbrella Rank: 28544	654 B
1	3cbc749ccf.com 795bb4615e.3cbc749ccf.com	207 B
1	wpshsdk.com js.wpshsdk.com — Cisco Umbrella Rank: 14733	238 B
1	pokania.com www.pokania.com	90 KB
1	pokebtc.com 1 redirects www.pokebtc.com	466 B
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 11861	900 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1107	606 B
1	amung.us whos.amung.us — Cisco Umbrella Rank: 13356	184 B
1	claim.fun claim.fun	484 B
1	zerads.com zerads.com — Cisco Umbrella Rank: 941382	1 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	44 KB
1	supertruco.com supertruco.com — Cisco Umbrella Rank: 480976	2 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1159	12 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	1016 B
1	waust.at waust.at — Cisco Umbrella Rank: 42860	18 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	3 KB
184	43

	Domain	Requested by
28	freetrx.fun	1 redirects freetrx.fun
22	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
11	pp.mndsrv.com	ss.mndsrv.com
10	cdn.bmcdn5.com	freetrx.fun cdn.bmcdn5.com
9	pagead2.googlesyndication.com	tags.orquideassp.com pagead2.googlesyndication.com freetrx.fun tpc.googlesyndication.com
7	cryptocoinsad.com	freetrx.fun claim.fun cryptocoinsad.com cdn.jsdelivr.net
6	s-img.adskeeper.com	freetrx.fun
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	servicer.adqva.com	freetrx.fun servicer.adqva.com
5	ic.tynt.com	freetrx.fun
5	cmp.quantcast.com	hbagency.it quantcast.mgr.consensu.org
5	ss.mndsrv.com	freetrx.fun ss.mndsrv.com
4	static.bmcdn5.com	srcdoc
4	hbagency.it	d3u598arehftfk.cloudfront.net
3	rt183.surfe.pro	freetrx.fun
3	acceptable.a-ads.com	freetrx.fun
3	cdnjs.cloudflare.com	freetrx.fun d3u598arehftfk.cloudfront.net
3	tags.orquideassp.com	freetrx.fun
2	fp.metricswpsh.com	9186bf9778.cca63f7d30.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	rules.quantcount.com	secure.quantserve.com
2	js.canstrm.com	9186bf9778.cca63f7d30.com js.canstrm.com
2	quantcast.mgr.consensu.org	cmp.quantcast.com
2	secure.quantserve.com	cmp.quantcast.com
2	9186bf9778.cca63f7d30.com	freetrx.fun 9186bf9778.cca63f7d30.com
2	static.surfe.pro	freetrx.fun cdn.jsdelivr.net
2	t.dtscout.com	waust.at t.dtscout.com
2	d3u598arehftfk.cloudfront.net	freetrx.fun
1	audit-tcfv2.cmp.quantcast.com	cmp.quantcast.com
1	de.tynt.com	cdn.tynt.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	test.cmp.quantcast.com	quantcast.mgr.consensu.org
1	ntvpwpush.com	9186bf9778.cca63f7d30.com
1	795bb4615e.3cbc749ccf.com	9186bf9778.cca63f7d30.com
1	img.adqva.com	freetrx.fun
1	cp.mndsrv.com	ss.mndsrv.com
1	cdn.tynt.com	waust.at
1	cdn.pbstck.com	boot.pbstck.com
1	js.wpshsdk.com	9186bf9778.cca63f7d30.com
1	www.pokania.com	zerads.com
1	www.pokebtc.com	1 redirects
1	i.ibb.co	zerads.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	whos.amung.us	waust.at
1	boot.pbstck.com	d3u598arehftfk.cloudfront.net
1	claim.fun	freetrx.fun
1	zerads.com	freetrx.fun
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	cdn.jsdelivr.net
1	supertruco.com	tags.orquideassp.com
1	use.fontawesome.com	freetrx.fun
1	fonts.googleapis.com	freetrx.fun
1	waust.at	freetrx.fun
1	cdn.jsdelivr.net	freetrx.fun
184	55

This site contains links to these domains. Also see Links.

Domain
orquidea.ai

Subject Issuer	Validity	Valid
freetrx.fun GTS CA 1P5	`2023-04-20` - `2023-07-19`	3 months	crt.sh
tags.orquideassp.com Amazon RSA 2048 M01	`2023-04-30` - `2024-05-28`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-04` - `2024-06-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-05-06` - `2023-08-04`	3 months	crt.sh
adqva.com GTS CA 1P5	`2023-06-02` - `2023-08-31`	3 months	crt.sh
pp.mndsrv.com R3	`2023-05-24` - `2023-08-22`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
tls.automattic.com R3	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2023-05-27` - `2023-08-25`	3 months	crt.sh
surfe.pro E1	`2023-06-03` - `2023-09-01`	3 months	crt.sh
zerads.com cPanel, Inc. Certification Authority	`2023-04-16` - `2023-07-15`	3 months	crt.sh
claim.fun R3	`2023-06-10` - `2023-09-08`	3 months	crt.sh
cryptocoinsad.com GTS CA 1P5	`2023-05-06` - `2023-08-04`	3 months	crt.sh
hbagency.it Cloudflare Inc ECC CA-3	`2022-10-21` - `2023-10-20`	a year	crt.sh
pbstck.com Cloudflare Inc ECC CA-3	`2023-06-04` - `2024-06-03`	a year	crt.sh
*.amung.us Sectigo RSA Domain Validation Secure Server CA	`2022-05-18` - `2023-06-17`	a year	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2022-12-21` - `2024-01-21`	a year	crt.sh
9186bf9778.cca63f7d30.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.surfe.pro R3	`2023-06-05` - `2023-09-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
i.ibb.co R3	`2023-06-11` - `2023-09-09`	3 months	crt.sh
cmp.quantcast.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
js.wpshsdk.com R3	`2023-05-26` - `2023-08-24`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
795bb4615e.3cbc749ccf.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
notification.tubecup.net R3	`2023-04-28` - `2023-07-27`	3 months	crt.sh
js.canstrm.com R3	`2023-05-24` - `2023-08-22`	3 months	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://freetrx.fun/ftrx/
Frame ID: EC695ADEB7B0697FA0AB87E7A4BC0C8C
Requests: 125 HTTP requests in this frame

Frame: https://zerads.com/ad/ad.php?width=300&ref=2277
Frame ID: 77B5D8070F7680A9213D4805584EABD0
Requests: 3 HTTP requests in this frame

Frame: https://freetrx.fun/ad_cp.html
Frame ID: 73235E129BFBB1261A1DAC7804AC92EE
Requests: 9 HTTP requests in this frame

Frame: https://claim.fun/adcpm_300x250.html
Frame ID: A10615DEBA469F5DFF616401CE13BB19
Requests: 1 HTTP requests in this frame

Frame: https://cryptocoinsad.com/ads/show.php?a=251910&b=392997
Frame ID: BC14951DAEB5D8E7850347E35740FC0D
Requests: 3 HTTP requests in this frame

Frame: https://freetrx.fun/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
Frame ID: 23E92279B64B818F278A2782268EE3C3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/zrt_lookup.html
Frame ID: A89184D6E3D017C2B95DC77E98977562
Requests: 1 HTTP requests in this frame

Frame: https://cryptocoinsad.com/ads/show.php?a=252741&b=393437
Frame ID: 381E2C59116D8CB06E2BC3B2F0867B88
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.freetrx.fun_Footer_728x90&adk=813149523&adf=3122884765&pi=t.ma~as.www.freetrx.fun_Foo_&w=728&lmt=1686926233&url=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686926233323&bpp=6&bdt=555&idt=195&shv=r20230614&mjsv=m202306080101&ptt=5&saldr=sd&abxe=1&correlator=6555478906997&frm=20&pv=2&ga_vid=1576126448.1686926234&ga_sid=1686926234&ga_hid=1263145369&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075067%2C44788442%2C31075280%2C44791046&oid=2&pvsid=3994702489873707&tmod=108516072&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=uq9rMZppP4&p=https%3A//freetrx.fun&dtd=212
Frame ID: CDA37596B275E43D6441907B71B26A68
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.freetrx.fun&adk=36377878&adf=3271003695&pi=t.ma~as.www.freetrx.fun&w=300&lmt=1686926233&url=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686926233329&bpp=1&bdt=562&idt=213&shv=r20230614&mjsv=m202306080101&ptt=5&saldr=sd&abxe=1&prev_slotnames=www.freetrx.fun_footer_728x90&correlator=6555478906997&frm=20&pv=1&ga_vid=1576126448.1686926234&ga_sid=1686926234&ga_hid=1263145369&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=2857&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075067%2C44788442%2C31075280%2C44791046&oid=2&pvsid=3994702489873707&tmod=108516072&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=p46pTxqA9z&p=https%3A//freetrx.fun&dtd=226
Frame ID: 30839D0A9BB4E9463E2BFF5DEC9F4E05
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&adk=1812271804&adf=3025194257&lmt=1686926233&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686926233376&bpp=2&bdt=608&idt=275&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_slotnames=www.freetrx.fun_footer_728x90%2Cwww.freetrx.fun&nras=1&correlator=6555478906997&frm=20&pv=1&ga_vid=1576126448.1686926234&ga_sid=1686926234&ga_hid=1263145369&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075067%2C44788442&oid=2&pvsid=3994702489873707&tmod=108516072&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=288
Frame ID: 2AE089A14F617276552E3CEB043D4944
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/index.html
Frame ID: 809E9F7CD2DC5582D31B7F77B73C41CD
Requests: 17 HTTP requests in this frame

Frame: https://cdn.bmcdn5.com/p/6462ded54dfa5babd4b5eaa9/?source=https%253A%252F%252Ffreetrx.fun%252Fftrx%252F&sourceid=871127111941&ent=&we=0&fid=e31d981f0adb674e0a0ec29afe56d6fb&fidnoua=1cf3f5c7c63989a278b8557547d1d331&impid=8e6e2e56-ded5-473c-9abf-57eda2e01efd&sessionId=7927f614-75d5-406f-90c1-7c4169230eb8&pageViewUuid=f807a1ec-ad76-41b3-a77b-35323a9018e5&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F114.0.5735.133%2520Safari%252F537.36&sig=0x00000&blocksubid=0
Frame ID: 404AF0C63F762A316263074AA93D0515
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 89A1905DEA1283C72BD03A6131C21823
Requests: 2 HTTP requests in this frame

Frame: https://cdn.bmcdn5.com/p/6462ded54dfa5babd4b5eaa9/?source=https%253A%252F%252Ffreetrx.fun%252Fftrx%252F&sourceid=871127111941&ent=&we=0&fid=e31d981f0adb674e0a0ec29afe56d6fb&fidnoua=1cf3f5c7c63989a278b8557547d1d331&impid=3720e98c-b575-4f47-91af-5180a5bfc6c9&sessionId=d6dd78a5-6114-4473-b1b1-361bf31e2564&pageViewUuid=f807a1ec-ad76-41b3-a77b-35323a9018e5&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F114.0.5735.133%2520Safari%252F537.36&sig=0x00000&blocksubid=1
Frame ID: 1E5FD0FE59E443B3668D29B02DCF62D9
Requests: 1 HTTP requests in this frame

Frame: https://ntvpwpush.com/dl/cookies
Frame ID: 79344D35942728319B96B0374CA350FE
Requests: 1 HTTP requests in this frame

Frame: https://static.bmcdn5.com/css/img.css?v=v1.25.18
Frame ID: 182F94297F6B1E17E70B532C80384D90
Requests: 4 HTTP requests in this frame

Frame: https://static.bmcdn5.com/css/img.css?v=v1.25.18
Frame ID: 3ABAD2291B945DEFC0C7CF270F9EBA72
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EBF36918BA7D41BFEFC10057CB6EA8C9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2A80179346CA6451855DAF644D3DF2BD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Faucet Instant Payout Zone | FTRX Faucet

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

RightJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

right\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

184
Requests

99 %
HTTPS

72 %
IPv6

43
Domains

55
Subdomains

46
IPs

4
Countries

5222 kB
Transfer

8986 kB
Size

24
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://orquidea.ai/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://freetrx.fun/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://freetrx.fun/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js

Request Chain 94

https://www.pokebtc.com/banners/300x250.png HTTP 301
https://www.pokania.com/banners/300x250.png

Request Chain 141

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

184 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
freetrx.fun/ftrx/ 114 KB
20 KB 306ms
237ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrx.fun/ftrx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.2.34

Resource Hash

3732c1b69385794cba9a27e536edc67d5763e658e50744a8dc21497897e03059

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d83ca195a9a19a9-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 16 Jun 2023 14:37:12 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
platform: hostinger
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPWrCm73SE%2BSfWiNir%2F32xy9KNgYuszvtuXM2ZPVIlAp4HaUIXsf8QAyIGchz%2FX13bja0pM9iVfeuRFNhL2AAoWR6b4Lcs3JRHvUu5dlg4vkbgq%2BCk8xdzLwnebCP3jC%2FMcvRGH6WUzOzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed

GET
H2 200 11545 Show response
tags.orquideassp.com/tag/ 2 KB
3 KB 153ms
22ms Script
text/javascript 2600:9000:2491:ca00:2:e529:700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.orquideassp.com/tag/11545

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:ca00:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

7208300e27f4249d18cd55cb0dfe1a94a362adf6af4309883a6d85595823abcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
date: Fri, 16 Jun 2023 14:19:48 GMT
x-content-type-options: nosniff
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 1061
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 2359
x-xss-protection: 1; mode=block
server: nginx/1.16.1
etag: W/"937-v+tJmxzNggjYY2WyHBH/6DzNW+4"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: XUWdu-bVORibJ-qgPEqBKlCi4R1Zljkk6L6IM0aZzNoxKkLbecX9Tw==

GET
H2 200 aab.js Show response
cdn.jsdelivr.net/gh/ourtecads/AntiAdblock@aff5230f61c60d6dc24a1ac69a40d2ebf3f65593/ 6 KB
3 KB 65ms
24ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/ourtecads/AntiAdblock@aff5230f61c60d6dc24a1ac69a40d2ebf3f65593/aab.js

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ad22181291ddb371eb4359ad0c5887c25ece808425f2383011d8c6e7cfa4b71c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 16 Jun 2023 14:37:12 GMT
x-content-type-options: nosniff
content-encoding: br
age: 308441
x-jsd-version: aff5230f61c60d6dc24a1ac69a40d2ebf3f65593
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2618
x-served-by: cache-fra-eddf8230035-FRA, cache-ams21027-AMS
x-jsd-version-type: commit
etag: W/"17d5-FqCxPW2A+qXVGHYy3OqOvYHkqYA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 t.js Show response
waust.at/ 29 KB
18 KB 87ms
28ms Script
application/x-javascript 2606:4700:20::681a:507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/t.js
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4c07f1e5cbcfdcfeabb37e8c1dc21d3edc5e3e20edd2d3da16ab5aa22bc600

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3340
etag: W/"63c0412c-728a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZcpT1wYhyuqo6b0FuClBR7ui2aMvXN43TU5m69SZQwnilfC2KsmLlG5rOPnicj37wWLu1kTZpZ0HGITwRM3BteTGD23dO3LiEF%2FuHtFOI3mrJ4J%2F2YgzVuksRncHddO%2FEyOdUoKr"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7d83ca1bcbc49b8c-FRA
expires: Sat, 17 Jun 2023 13:41:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1016 B 96ms
30ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700,200

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f044f2ee9a12e9cb79571e1157be389d9ee137211608260596fdb5d7c1fda54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Jun 2023 14:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 16 Jun 2023 12:46:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Jun 2023 14:37:12 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.7.1/css/ 53 KB
12 KB 80ms
29ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.1/css/all.css
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Referer: https://freetrx.fun/
Origin: https://freetrx.fun
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PBS7X5T90X0R5QBC
age: 858447
alt-svc: h3=":443"; ma=86400
x-amz-id-2: kd5hc04itWXSaoJh2YxQ86/QHYkxxnRUvtzWdhiDtE9lyI5x3XR1HRASepoZ72CPludcekximgQ=
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
server: cloudflare
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugbl8irD6%2B2hpdXfNO%2FVugJcurbl3IAKZB0UDRbB%2F%2F7%2BCNFKvrt9Zbc51UwOJ7zMiX%2Bi6fGAEdY98sERjfx8v3kZd%2FXj%2F6hFjSsr9OCtmF6JvGDfmXI6KvWJ%2FEi3jKYudUb%2FVRAtN9sinQTNOWiZhEpG"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7d83ca1b38a03656-FRA

GET
H2 200 bootstrap.min.css
freetrx.fun/ftrx/assets/css/ 156 KB
25 KB 34ms
32ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrx.fun/ftrx/assets/css/bootstrap.min.css

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dd548f87f1e0c7cc046b0895552a7b4c25bc92c47bb8b9b53081f492241ab76

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 507901
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: W/"26f1c-645652d9-6d435b364d1a7751;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukwj3%2F0qXFIo9r8MjnMQTXv%2FNjc2z18YeT7yBqOhXOwXb9UHP5VTDDXAcSK0IdkYQDTVLIrorIseqN%2FLOApysmKOzWt7GesuRd1EysvE%2FYRGy86cL92%2FJYJMo21CZnDkodEb5uW4mv%2BQMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d83ca1aece219a9-FRA
expires: Sat, 17 Jun 2023 17:32:11 GMT

GET
H2 200 now-ui-dashboard.css
freetrx.fun/ftrx/assets/css/ 124 KB
18 KB 30ms
28ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrx.fun/ftrx/assets/css/now-ui-dashboard.css?v=1.5.0

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4988271486d7942dec3bfcd183a5e9381dcb4cdc3b4a9c4e2ad5b3dcfcb5008

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 507901
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: W/"1f0b4-645652d9-e48653a01d233d5;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJeLREVJk8Y9T1bh7iNCDl66wRqvZhhnmfFTKdbhVzPYKYQufpsRraX5Yj%2FmYWzJcCfWuVQctO%2F4Yz9Coop1Oh061wcLVRIuFr8NKf7gmTKHqthVs3djwNCVPNIsEtF2SMQ3LJItqwXuIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d83ca1aece519a9-FRA
expires: Sat, 17 Jun 2023 17:32:11 GMT

GET
H2 200 sweetalert.min.js Show response
freetrx.fun/ftrx/assets/js/webjs/ 71 KB
20 KB 37ms
36ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrx.fun/ftrx/assets/js/webjs/sweetalert.min.js

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26c6b253d74f84feade601e3155b6dea6655e6838dfdd9f0499f9a1387c5bf46

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500111
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: W/"11c9a-645652d9-b9400c154616a4a9;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SzTA5%2BapxpTJilCp4p9Dlb6BRA7HrMSeS5WG%2B2zz%2F3V%2Fw%2Fgd4CvkS%2FJ%2FbEpFwG1UPqGLN291Rf62buDMSifJxnE0Ic3N4zhLmrsVmmbSlug9YW2xAmNbRh%2FhRXV4JcEFlvdheZ2e8t47ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d83ca1aece619a9-FRA
expires: Sat, 17 Jun 2023 19:42:01 GMT

GET
H2 404 9362
tags.orquideassp.com/tag/ 0
0 68ms
25ms Script
text/plain 2600:9000:2491:ca00:2:e529:700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.orquideassp.com/tag/9362
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:ca00:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 _AdQVAWidget_15609.js Show response
servicer.adqva.com/ads/ 1 KB
972 B 98ms
28ms Script
application/javascript 2606:4700:3035::ac43:97b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.adqva.com/ads/_AdQVAWidget_15609.js

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:97b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33, PleskLin

Resource Hash

ab80f37b78f7b46dd6692610d353a20d410561554adb21605ea24f2b06bdbba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 787
x-powered-by: PHP/7.4.33, PleskLin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 16 Jun 2023 13:52:17 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZSGQvh%2Ft7L764aszSs4fqYxOF8w5PzeMWUJbYTuqK0C03vlHeQ80WV%2FQ4KhdvuPE7N7xP9TPtlNVZJNHZio%2FOVyNr1N6b5qpEdDYCRPdaYj7OE9ipEevox%2B0H9KwDxC4yP6fyCwEGVXABmYJfa1zc0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7d83ca1bdea99030-FRA

GET
H3 200 bnb.png
freetrx.fun/ftrx/assets/images/currencies/ 8 KB
8 KB 36ms
33ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrx.fun/ftrx/assets/images/currencies/bnb.png

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba77213c3a26f4c5e4e9a9252b72b7d8c9cbffc6bb23efd5961c53486f56d236

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466602
alt-svc: h3=":443"; ma=86400
content-length: 7879
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: "1ec7-645652d9-fdf65690b36b212;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDS%2FhE3AvnTCGiwRlZ9dM7OnR3TPQsL3WNrBvJb3KvUCvFjsFZvaZlQbC2fs9CHYiirRf2%2F%2BOfBAAfSzrdMJb705XcjLpM6IkFpEVRACQXdAwQf%2F2xwhm3yAv9YA5204O0l2IGRH2WX0mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d83ca1b7cc935f4-FRA
expires: Sun, 18 Jun 2023 05:00:30 GMT

GET
H3 200 bch.png
freetrx.fun/ftrx/assets/images/currencies/ 10 KB
10 KB 99ms
92ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrx.fun/ftrx/assets/images/currencies/bch.png

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

444a5df71eb146dcdb605e4ff56b10811f27c31dce28cbf5dee37858f6e577ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466601
alt-svc: h3=":443"; ma=86400
content-length: 9914
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: "26ba-645652d9-26f22a377273d72b;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFiM4WFXHhRfdkRyhwTxGgM6mZNdAzs4v%2BzPRD5vyrKp2FDTIn4J9SQJaGccK9xY%2FoPmisbQNhVeuOrt25Kf0Rv3TPFCAsK1Gx4PruQafHIKe7trUzY2reSY4sa7wSb%2BrDBdZJdlKBXMFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d83ca1b7cd435f4-FRA
expires: Sun, 18 Jun 2023 05:00:31 GMT

GET
H3 200 doge.png
freetrx.fun/ftrx/assets/images/currencies/ 8 KB
9 KB 95ms
89ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrx.fun/ftrx/assets/images/currencies/doge.png

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3605f94c4674b73f60b20d9f3069eca84cc8d3d3370fc91de0cd9bc6d7e44a90

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466600
alt-svc: h3=":443"; ma=86400
content-length: 8292
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: "2064-645652d9-2a673935a8b06233;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ct0dmsXe8jFa5UkVPXZ9Bh2N6uAaJ7hvgj325fGHT6fxMkK99TY2Sp55JRf3DpwikGqicOepxYeiSDyAVuN2GKzJrq4hR6JcaIh0Y2OqcRdI5Luvn8Z5ZMKtWEoKSemCyqDZcdxlH5yXKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d83ca1b7cd935f4-FRA
expires: Sun, 18 Jun 2023 05:00:32 GMT

GET
H3 200 dgb.png
freetrx.fun/ftrx/assets/images/currencies/ 8 KB
9 KB 37ms
30ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrx.fun/ftrx/assets/images/currencies/dgb.png

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

603c57f113e498ba5805cfcafaf70ffb75159203bd32cac9d363b5540a2fb60a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466600
alt-svc: h3=":443"; ma=86400
content-length: 8270
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: "204e-645652d9-ff3775378d2903dc;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjSl16WTVTzoUiyvb1j%2FeEy%2Fzg8iEl0U72xFr%2BM1pfOqjZaifurhynOFUq5b2ZkLcaOp7aAA5mcOgtE3aR%2BwXzavfuAgsVY0TItJMffTyNphtX1ChKTGYweRP2ucQ9vBgUsXKr8JYp9Sjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d83ca1b7cdd35f4-FRA
expires: Sun, 18 Jun 2023 05:00:32 GMT

GET
H3 200 ltc.png
freetrx.fun/ftrx/assets/images/currencies/ 7 KB
7 KB 77ms
70ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrx.fun/ftrx/assets/images/currencies/ltc.png

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

635cbd5c4f2676a4f9287331eddb4fdae18114878cf9f45fefc068922628f368

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 552269
alt-svc: h3=":443"; ma=86400
content-length: 6686
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: "1a1e-645652d9-51cf75eb3ee1566b;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIUJPjbTKCJRy4LI7yd015kHfrA6qSuArUdSDBGxnUlKtYYJoP6AFHfEmF%2FIfK41Tq%2FEqti4inWQz7FWGPM5OzcVvMDyA0Lep5QMhF%2Bwo00APkZz1MrKPZsQj5F%2B9S0Xc0d2z863WTUHQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d83ca1b7cdf35f4-FRA
expires: Sat, 17 Jun 2023 05:12:43 GMT

GET
H3 200 sol.png
freetrx.fun/ftrx/assets/images/currencies/ 53 KB
54 KB 78ms
71ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrx.fun/ftrx/assets/images/currencies/sol.png

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e967828146b91def4b3d68fa3fa7d6c069c39a6e713bfea10ba247d010477fa6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466597
alt-svc: h3=":443"; ma=86400
content-length: 54481
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: "d4d1-645652d9-944e0082c022f469;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFPTrF1fwIr5PJ0v9ywPolidjfYEYYpoPX9TslHcc%2BQH9RJiFuiVjeFXDE5oKyWL9DegOBZbR8J8p2TbCkTFS978toIk3f6LGVIsFFcYfDxLOi2yL7YDjLKfSmJmdpNBmdFMPoScdwYu%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d83ca1b7ce035f4-FRA
expires: Sun, 18 Jun 2023 05:00:35 GMT

GET
H3 200 trx.png
freetrx.fun/ftrx/assets/images/currencies/ 6 KB
6 KB 99ms
92ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrx.fun/ftrx/assets/images/currencies/trx.png

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53daca580d3f9d8d5ceca8d366e9bf23d952a04ccec7d6321a30813eab1a4084

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466597
alt-svc: h3=":443"; ma=86400
content-length: 5681
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: "1631-645652d9-7bbf53c5145ab4cc;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ms5I%2FxVCFsn0a2sTPwQWXb5brqj01lFPUd1YqZCN60zOPFoACq7%2FD2hAm62mlP3fDSTbTihpxYr8sU%2Bv9d4RaGw0sDu6dWQ5eeB%2FPXiQEh2x2oRR7f3N%2FcY9Yil7cQ2r8SHNj%2F9pqbxNrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d83ca1b7ce135f4-FRA
expires: Sun, 18 Jun 2023 05:00:35 GMT

GET
H3 200 zec.png
freetrx.fun/ftrx/assets/images/currencies/ 7 KB
8 KB 55ms
48ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrx.fun/ftrx/assets/images/currencies/zec.png

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44f8f908467e4a0a3b1b0ca71f6042c67dccebe72de3c82f0824380692093963

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466597
alt-svc: h3=":443"; ma=86400
content-length: 7501
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: "1d4d-645652d9-77165074d9a2d121;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPKWQdrQQNKmkgPJKtKacGOboeTaHOdFKjHuN7g%2FH6kWS3gxOWsHXqWVR8JxHB6%2B3zrnp9T8Bd3n2h7ZDesyFx4ow%2B4XhVLBGyHhUv3yyX3zkWPnMHmW5xytLVVjJZYYxnzMOO24UVrmmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d83ca1b7ce235f4-FRA
expires: Sun, 18 Jun 2023 05:00:35 GMT

GET
H3 200 xrp.png
freetrx.fun/ftrx/assets/images/currencies/ 7 KB
7 KB 99ms
93ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrx.fun/ftrx/assets/images/currencies/xrp.png

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f22061853568d37b9b8f4775622b90ad1a559a4fbbfb22491226f883c1b7fad7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 552269
alt-svc: h3=":443"; ma=86400
content-length: 6749
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: "1a5d-645652d9-a5118db525093d82;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSzkatRk1mVYyxId3E%2FeUT2dWJz7BWMwAj49xU8v16W9g%2BP0WKxrzsYvjxxwPn6hZ3D8iNjGcHbFP6VGlUVv1naB09CDX3dJ%2FYBOfS3ZtzJOM15kubtCDeLyCfgYbGNfbHSyX0NWamP8yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d83ca1b7ce435f4-FRA
expires: Sat, 17 Jun 2023 05:12:43 GMT

GET
H3 200 matic.png
freetrx.fun/ftrx/assets/images/currencies/ 7 KB
8 KB 100ms
93ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrx.fun/ftrx/assets/images/currencies/matic.png

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e76e8f648d5be7aa7790a3a8d884aaa2d813f4eaa2d32da97edc8ecae87cf2f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 494656
alt-svc: h3=":443"; ma=86400
content-length: 7547
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: "1d7b-645652d9-c9624a1a799ddf8f;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uz%2F%2F3pJIWqJKIJVQyFcQwIFfLnQbjOcCEsVYZTcWZaI86thoVUDUcXnestu3WGK9FBZ7ul1kp8JJneq0OkNhnHngZTDAw%2FX4EXGQfxsCBtnv4o%2BZjaoorNtfwkIAF%2F3RC8cy6Y7AQgEhCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d83ca1b7ce535f4-FRA
expires: Sat, 17 Jun 2023 21:12:56 GMT

GET
H3 200 btc.png
freetrx.fun/ftrx/assets/images/currencies/ 9 KB
9 KB 115ms
108ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrx.fun/ftrx/assets/images/currencies/btc.png

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebc3a7fd60aaed829245b3e010a91bfbd59619f4b302e31151875685cd01cc96

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 506456
alt-svc: h3=":443"; ma=86400
content-length: 8707
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: "2203-645652d9-b2d02d794f91170;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIfb5DdCapA3HXyK7SLql1pwbJSq5wMIzPEaopcPErzboXP%2B3C7oHEEL4slUgiO8dG8IwXTCn5bmV1kiAEuYQZnAnxwkxgpO%2Bx5JP%2BwQ2G29mUwj4UCUgPedFj2uYhPOcG8VIOt8zfUnmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d83ca1b7ce735f4-FRA
expires: Sat, 17 Jun 2023 17:56:16 GMT

GET
H3 200 eth.png
freetrx.fun/ftrx/assets/images/currencies/ 10 KB
10 KB 116ms
108ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrx.fun/ftrx/assets/images/currencies/eth.png

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

073a619dd22d64d0db9f60ef8199b7b216a9efba06a4bc40fd319ebbf3611bc0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466586
alt-svc: h3=":443"; ma=86400
content-length: 9844
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: "2674-645652d9-c851efff7750fa7;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHXgoq%2BDnal2C6HcxgpFaWLLSJO1VsutF8h%2BUFB3yPtQY3BNN3lE7BiKomSfWzvT7GeeDsBKfSEdsXpZBXDbTqkkxyXkisC%2BVAwdXD6dllwNWWuMhVQ2O11Y2Jv%2B1Zxs1cq8CrZ%2Fn1fBrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d83ca1b7ce835f4-FRA
expires: Sun, 18 Jun 2023 05:00:46 GMT

GET
H3 200 dash.png
freetrx.fun/ftrx/assets/images/currencies/ 6 KB
7 KB 117ms
109ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrx.fun/ftrx/assets/images/currencies/dash.png

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb7dfe59c593e0c564fbd1a53e4cc936c4791e3ffe140471e803fb25f689f7ca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 361569
alt-svc: h3=":443"; ma=86400
content-length: 6493
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: "195d-645652d9-11c0b77ce98b5e8;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TuRJSiH8KkTp5NOjhoLTbbsQT5Br6Cf5ZwIwiUa0np2KQGfeBfJD3DxzLz28Xic6LEKZdvV28S9XgGn%2BMiIh%2FgA0gjBTXHXl4HmnHHjbLGiHg3coVhJffq46tD%2BsLdFeHQ50ODWfzs1WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d83ca1b7cea35f4-FRA
expires: Mon, 19 Jun 2023 10:11:03 GMT

GET
H3 200 usdt.png
freetrx.fun/ftrx/assets/images/currencies/ 9 KB
9 KB 117ms
110ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrx.fun/ftrx/assets/images/currencies/usdt.png

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c47b7f6b678f1a9be54dbc587c3df8900ce1611fff266967a07b91d9809f3659

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33389
alt-svc: h3=":443"; ma=86400
content-length: 8753
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: "2231-645652d9-23e3096da190095d;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2BNTYaQD%2By6vgTQGo%2FBBXOvytllERPuJMHKK0ABwDoR7kVDgaMSdW0cWF29OC9eslG3%2FYLPhifRIruFSl0c0lXedCHRHtEnlXbb73PcPpXk8Mc8Hrm6ejI3ojzI%2F4m7oDhkLOMeY4kLmVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d83ca1b7ced35f4-FRA
expires: Fri, 23 Jun 2023 05:20:43 GMT

GET
H3 200 fey.png
freetrx.fun/ftrx/assets/images/currencies/ 42 KB
43 KB 55ms
48ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freetrx.fun/ftrx/assets/images/currencies/fey.png

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b4e9db6469cd291e6710eb04ba112bd603c9d504bae2af0d3c0896676bad2dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 361569
alt-svc: h3=":443"; ma=86400
content-length: 43265
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: "a901-645652d9-4847e215a3f8a278;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhv3cFKzURILi15Pf50s2%2F%2Fgavdx3dkvP3R4qIWSBvkAKEQ8Td31mIHpwRhmfSH7rTO30qqHCPBZH%2BuNFCHXe3NTLn9qk9x6w3SCkYmbwBVaZ2uECfQHpCw%2FxiRa7r9dysoyzsqmOnBjxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7d83ca1b7cef35f4-FRA
expires: Mon, 19 Jun 2023 10:11:03 GMT

GET
H2 200 _AdQVAWidget_15613.js Show response
servicer.adqva.com/ads/ 1 KB
1 KB 95ms
27ms Script
application/javascript 2606:4700:3035::ac43:97b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.adqva.com/ads/_AdQVAWidget_15613.js

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:97b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33, PleskLin

Resource Hash

c2cf03ea96115afe0d4018bfc61f664ab1e5c75702542345d9a8aedd42a6f4c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1771
x-powered-by: PHP/7.4.33, PleskLin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Jun 2023 12:07:33 GMT
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiJEjLPhZC4qISJ4%2Bt4I5nkA%2FEvI25l4Nqz9movdhpA8SlXdaRJv7uAqd8YO6xPXwDm5xcaMSXpPrMAxgR6pSJJkVCBKHE1STBkcKCifCNaM6htKCNK9JXOnnlRz5z6nnQ%2Bvr%2F%2FMzYoELM98U2W%2Bm7Y%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7d83ca1bdeab9030-FRA

GET
H2 200 11539 Show response
tags.orquideassp.com/tag/ 660 B
1 KB 62ms
22ms Script
text/javascript 2600:9000:2491:ca00:2:e529:700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.orquideassp.com/tag/11539

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:ca00:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

1db231eb61ab4d9a3c523d01727eb4a4bcbe62b5059d383f7910d03e1e2b276c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
date: Fri, 16 Jun 2023 14:14:52 GMT
x-content-type-options: nosniff
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 1349
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 660
x-xss-protection: 1; mode=block
server: nginx/1.16.1
etag: W/"294-e2uT/cXcnMAd3O/2zorT0wLhMNQ"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: jpwKprzf1BJhtiHLCcA01X47AyJVtccBQfLhj8vbIb9qguocqR3Wjw==

GET
H/1.1 200
OK native.js Show response
ss.mndsrv.com/ 72 KB
72 KB 528ms
247ms Script
application/javascript 199.241.100.27
MOJOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://ss.mndsrv.com/native.js
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.241.100.27 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS: cs2196.mojohost.com
Software: nginx/1.20.1 /
Resource Hash: 24b05a7f551a61746572b9c72e45608f295268e9e69bcbb27ffeaa3c2c9669ca

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 16 Jun 2023 14:37:13 GMT
Last-Modified: Tue, 16 May 2023 12:00:59 GMT
Server: nginx/1.20.1
ETag: "6463707b-1205e"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 73822

GET
H/1.1 200
OK e774fe94-d8a1-461d-bb9b-164c8b1bf98f.js Show response
ss.mndsrv.com/ctatic/ 34 KB
35 KB 537ms
254ms Script
application/javascript 199.241.100.27
MOJOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://ss.mndsrv.com/ctatic/e774fe94-d8a1-461d-bb9b-164c8b1bf98f.js
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.241.100.27 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS: cs2196.mojohost.com
Software: nginx/1.20.1 /
Resource Hash: 138d351d33c6d9b7b0cf61e937c3da66b13459ac0f11cc6796a6bb5a8cfa3d44

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 16 Jun 2023 14:37:13 GMT
Last-Modified: Thu, 25 Aug 2022 10:51:56 GMT
Server: nginx/1.20.1
ETag: "6307544c-88fd"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35069

GET
H/1.1 200
OK banner.js Show response
ss.mndsrv.com/ 7 KB
7 KB 417ms
130ms Script
application/javascript 199.241.100.27
MOJOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://ss.mndsrv.com/banner.js
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.241.100.27 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS: cs2196.mojohost.com
Software: nginx/1.20.1 /
Resource Hash: 8a64910872e140c9fdee68753b9a8a8c6ade93b2e55be7cf91dbcf060b314fe8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 16 Jun 2023 14:37:13 GMT
Last-Modified: Wed, 19 Apr 2023 08:14:08 GMT
Server: nginx/1.20.1
ETag: "643fa2d0-1c31"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7217

GET
H/1.1 200
OK a524e320-b020-4ade-9e63-b6637ccaca65.js Show response
ss.mndsrv.com/static/ 59 KB
59 KB 550ms
263ms Script
application/javascript 199.241.100.27
MOJOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://ss.mndsrv.com/static/a524e320-b020-4ade-9e63-b6637ccaca65.js
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.241.100.27 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS: cs2196.mojohost.com
Software: nginx/1.20.1 /
Resource Hash: 188efb3210377ba8f48b43637e08a2f703a0dc95fca0aed4c5b6f4f3dd324151

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 16 Jun 2023 14:37:13 GMT
Last-Modified: Tue, 25 Apr 2023 14:57:01 GMT
Server: nginx/1.20.1
ETag: "6447ea3d-ebaa"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60330

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.0/ 86 KB
28 KB 80ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.0/jquery.min.js

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1939162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27781
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15857"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiPIHNiCHpINcA8aa606iS4h%2BlKmElSOn7qTH10sOS%2FgnPTpA6YoCvY4WUiytcyK%2FmTpeKrRpRKWCNbD7W0kaabQ8%2FHzpWkbnv7F%2F8Fi%2FcOtah7XN74QKJuZSnhLuK1Fo22OHUfteiNeb3HPOz9sw9dv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d83ca1bc8ad3831-FRA
expires: Wed, 05 Jun 2024 14:37:12 GMT

GET
H3 200 jquery.min.js Show response
freetrx.fun/ftrx/assets/js/core/ 86 KB
32 KB 56ms
49ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrx.fun/ftrx/assets/js/core/jquery.min.js

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466604
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: W/"15851-645652d9-7c03ce963707906a;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAG9k1EFGRQ%2FgtMG1dppkBm4P7f3cyGPeimXfwq1TynyyLURBRp2IHFzkJccCLb21g1mZt0rSQ7aKT7kSeUz23D7%2FWi%2BfJcz8s%2FOofoWwfepG%2BetjxbMZNC6z76M5ngX3mtmkyU%2FTJTgMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d83ca1b7cf035f4-FRA
expires: Sun, 18 Jun 2023 05:00:28 GMT

GET
H3 200 popper.min.js Show response
freetrx.fun/ftrx/assets/js/core/ 20 KB
8 KB 142ms
136ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrx.fun/ftrx/assets/js/core/popper.min.js

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b0f43a41a22937586d9dcfb1a83acb9e352846843188049c87613a17f688fbb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466604
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: W/"51c6-645652d9-a28af2c54a1bef59;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IqrTWB01nkWRP9mLqUwaRw8InxLRZMHERR4MTPfcKUrJjpwuVwRSM5SilcjA%2FzLqU9ih6O83pR1Z4QTZJqPwEpcrSWLQkKRTuN335rj5czpo5pKAKR6KDWAa8nEAsP5lPenku%2BjQJ1qfqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d83ca1b7cf335f4-FRA
expires: Sun, 18 Jun 2023 05:00:28 GMT

GET
H3 200 bootstrap.min.js Show response
freetrx.fun/ftrx/assets/js/core/ 59 KB
17 KB 143ms
137ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrx.fun/ftrx/assets/js/core/bootstrap.min.js

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feaf27fdddabe92bfbbe2a1493c53a3bf017fd225854c3e7c1dd2539da667ea5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 461808
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: W/"ea6b-645652d9-676cc0a3725d9c3e;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eXq7u4BVZlWE8YbX0UmugxkEYL1Z7Z8igkGDU3Dp%2BPBwQ9YZTe4FGGxEUaC1tcl9Ln9F0SYpXK%2BYMkduoNSf%2B853DpKP95PyIbN4klB2ys4tjNQe6iNrInokKYKi1fZ31tHkRLuO0thTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d83ca1b7cf435f4-FRA
expires: Sun, 18 Jun 2023 06:20:24 GMT

GET
H3 200 now-ui-dashboard.min.js Show response
freetrx.fun/ftrx/assets/js/ 3 KB
2 KB 145ms
138ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrx.fun/ftrx/assets/js/now-ui-dashboard.min.js?v=1.5.0

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a649d13dae46d7ac7044b05e17257687096577cc2e3b8ac8990ef48dd8fa6875

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 494657
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: W/"cc1-645652d9-7d0b859a13bc9d2e;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znDm%2BVn1uwqnhE0OmWPiJZuiwzlh%2BF6lzpGZMTYdM88Dv2Dg5XDtclD%2FGfDsn53A8erLDZ%2B27Mb0IIXgOy1FVFOLeC9w%2BmuNngHZKzO7rC3FAKWuGRhlKU6OcVYkLOWaNSAgcRHjJtXbkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d83ca1b7cf535f4-FRA
expires: Sat, 17 Jun 2023 21:12:55 GMT

GET
H3 200 captcha.js Show response
freetrx.fun/ftrx/assets/js/webjs/ 288 B
716 B 145ms
139ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrx.fun/ftrx/assets/js/webjs/captcha.js

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

634bdefb7556c6d66dd18b54785288b3f86b453f791a5a66254779b2bbdd1479

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 494657
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 06 May 2023 13:15:05 GMT
server: cloudflare
etag: W/"120-645652d9-3f9826c3a3d66ffc;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kW0HJxOx2IlSYSZCo8877G5o8t4Tdd4JRz7DowMkeKFiPAo7gy22UTPjdEhdqs6z3fwwIi5gR5tgiq0Ua7s1bItR8NOBux9A1xuhP4OJ4a5GkDdTSN0Lt0PIvcOeJ1bRF3Fcp8qq2PZrFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7d83ca1b7cf735f4-FRA
expires: Sat, 17 Jun 2023 21:12:55 GMT

GET
H2 200 prebid_hb_1652_3661.js Show response
d3u598arehftfk.cloudfront.net/ 143 KB
32 KB 83ms
23ms Script
application/javascript 2600:9000:223f:b200:1f:946:f000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_1652_3661.js
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:b200:1f:946:f000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f19f0b839b4f0a879b574e4e49b04995872fc6d8fb88f7cf35d6f21e197a4671

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 31 May 2023 06:10:04 GMT
content-encoding: gzip
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
last-modified: Wed, 19 Apr 2023 08:55:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 1412829
etag: W/"6e305a9964e9ef6d8d461f7e7871f43a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=864000
x-amz-cf-id: ojwFYeSZrhv8kvkpj2tbyvdH-lDZu43Io86QtgaSaorWWcI2mzoLTw==

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 18 KB
8 KB 119ms
64ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/11545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cfe6bd59f0db86d5ca34ef51bb50d954b91e46d4c84b6f7be3ef03e579d3d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freetrx.fun/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7690
x-xss-protection: 0
server: cafe
etag: 4246617202716247881
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Jun 2023 14:37:13 GMT

GET
H2 200 icon.svg
supertruco.com/ 4 KB
2 KB 65ms
17ms Image
image/svg+xml 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supertruco.com/icon.svg

Requested by

Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/11545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6500f7835a2323775cb4c894af2f8c7506ab6266809823cd23c1de35e6b63e77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:12 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 30 Aug 2022 14:43:20 GMT
server: nginx
x-ac: 5.ams _atomic_ams HIT
etag: W/"630e2208-102b"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
expires: Wed, 26 Apr 2023 16:15:42 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
46 KB 114ms
113ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

709aeb9f541d0d14b76b7f0b93fc0d3e2431736b099b2c1b4de92a571d387fdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47273
x-xss-protection: 0
server: cafe
etag: 11891084987288308430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Jun 2023 14:37:13 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 112 KB
44 KB 87ms
37ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TSPMGJL

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/ourtecads/AntiAdblock@aff5230f61c60d6dc24a1ac69a40d2ebf3f65593/aab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

746b795285b8b75c72d73afff7292a7fac46f177f54593339978276cd68dc931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44695
x-xss-protection: 0
last-modified: Fri, 16 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Jun 2023 14:37:13 GMT

GET
H2 200 6462ded54dfa5babd4b5eaa9.js Show response
cdn.bmcdn5.com/js/ 10 KB
5 KB 184ms
116ms Script
application/javascript 2606:4700:20::681a:807
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn5.com/js/6462ded54dfa5babd4b5eaa9.js?v=1686926233054
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:807 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0abb0ff2de787bbe7df0008b49a99a09dd5e8eac35a3826cf287f69a44f1b848

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: br
accept-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HegM%2FC5UwbvwHWsDmKSTinJ%2FgEB0x2I3dey8GqUgNO2zVttJA6sNOvQz0XcJXV3mWnqUewcK0L1Az9d259UaZT5z8%2Bl9qfe%2BxAV4KMuh3nrM7nx83hL3nGbEz0%2F4Z%2FFW%2BWN78T3Z2020sBMq"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1800, public
cf-ray: 7d83ca1d1adf3627-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Fri, 16 Jun 2023 15:07:13 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 76ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700,200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freetrx.fun
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 14:34:09 GMT
x-content-type-options: nosniff
age: 518584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 14:34:09 GMT

GET
H2 200 / Show response
t.dtscout.com/i/ 2 KB
2 KB 245ms
190ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F&j=
Requested by: Host: waust.at
URL: https://waust.at/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9285a80d8ab5865b3c84926cf203f1b3d15667d275a88f64dcfeb83d9ed2d316

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
x-t: 0.202
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2e9K9S24xWHeHXLxgFdYx5Kto%2FLU9dWJLS5WhonVnHGQWI8JLVisrSWkm0iXRXRZJFz6mEW4vV7qcUOlzlug3X6OjlXDdAIR%2Bvj6JT8KUPX%2B%2FZLZMobFgoThG36iPb5HxXa%2FWwbKzaKmuU4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl3
cf-ray: 7d83ca1d2a87b79d-AMS
expires: Fri, 16 Jun 2023 14:37:12 GMT

GET
H2 200 net.js Show response
static.surfe.pro/js/ 4 KB
3 KB 111ms
30ms Script
application/javascript 2606:4700:3031::6815:2dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.surfe.pro/js/net.js

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:2dfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5b7cca93edaff23020330b201d45def46d287db5da3a1222bf0875958a9adeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1373
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Mar 2023 14:25:26 GMT
server: cloudflare
etag: W/"64186cd6-1100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBvdiArm1EN1Hssc4yH%2B%2FhzO5OSf4Hpgbk0u3xiOgR4sPiKFP5QKMy0uI7b3tc%2Bl7KgfGo0HQmeroAT72xLiHIL%2B%2F62%2BG%2BLts2OHU7pJhBwn%2F8vJOdPw0hQSN27zn1Eyqu%2B7w97bYuJKR0xvC5V7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=(),geolocation=(self), camera=()
cf-ray: 7d83ca1d6b362c52-FRA

GET
H2 200 6462ded54dfa5babd4b5eaa9.js Show response
cdn.bmcdn5.com/js/ 10 KB
5 KB 145ms
114ms Script
application/javascript 2606:4700:20::681a:807
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn5.com/js/6462ded54dfa5babd4b5eaa9.js?v=1686926233093
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:807 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb168fe9924e629e2da0b3a2c4c9bbce18ae9d19719cd45572c4c7acb112e30b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: br
accept-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAhG0%2Fv4NHnjo19V%2FuGO6bwVpgHE0LNFokONruEFGUp5Uh%2Bx3Duob2xJ0SGFzBOlnTGNTNWjIndFXUzjAFwi9eNU8WFBPX8%2FsTBdf7JH%2Fa6jHNDkuGLmw6947rUJfs3dr3qlNCDoYQrJmmM1"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1800, public
cf-ray: 7d83ca1d1ae23627-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Fri, 16 Jun 2023 15:07:13 GMT

GET
H/1.1 200
OK ad.php Show response
zerads.com/ad/ Frame 77B5 1 KB
1 KB 531ms
130ms Document
text/html 92.204.136.218
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://zerads.com/ad/ad.php?width=300&ref=2277
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 92.204.136.218 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1007988.ip-92-204-136.us
Software: Apache /
Resource Hash: 739f0b1eed0e422f12edd5dff5a0677e595a95780eb16e2180b7ccf5a5ea70f0

Request headers

Referer: https://freetrx.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html
Date: Fri, 16 Jun 2023 14:37:13 GMT
Keep-Alive: timeout=3, max=200
Server: Apache
Transfer-Encoding: chunked

GET
H3 200 ad_cp.html Show response
freetrx.fun/ Frame 7323 2 KB
1 KB 66ms
65ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrx.fun/ad_cp.html

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

392ce57102cbbb0a075837c2cd5faa91009369859842c5f6b26acba2820f9bdc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://freetrx.fun/ftrx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d83ca1cfe8735f4-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Fri, 16 Jun 2023 14:37:13 GMT
last-modified: Tue, 28 Feb 2023 19:25:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
platform: hostinger
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38xd%2FL2FIPr%2B6lA2d9ZlmgEtpfkGthIJay%2BfNZmjaTIdF2sTvKKNOHVnBxrfTKf0xNx01XunCA%2FcqczbDvr0bbaC3YAifAWK53xR%2BGsTE3IcJ9sOB3TCzHCrkJDAdV5a%2BJ5LFBCTNF30yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 adcpm_300x250.html Show response
claim.fun/ Frame A106 166 B
484 B 135ms
25ms Document
text/html 2a02:4780:a:761:0:199c:170d:8
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://claim.fun/adcpm_300x250.html

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:761:0:199c:170d:8 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

6ca59ef5115f985c9b5070de7bae45d0a1c629540bbcb9a7e6fb68a2389777fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://freetrx.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 166
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Fri, 16 Jun 2023 14:37:13 GMT
etag: "a6-640bd386-5d50bbee8c8e0d6b;;;"
last-modified: Sat, 11 Mar 2023 01:04:06 GMT
platform: hostinger
server: LiteSpeed

GET
H2 200 15609 Show response
servicer.adqva.com/native/ 73 KB
13 KB 493ms
491ms Script
application/javascript 2606:4700:3035::ac43:97b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.adqva.com/native/15609?pageUrl=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F&language=en&refererUrl=

Requested by

Host: servicer.adqva.com
URL: https://servicer.adqva.com/ads/_AdQVAWidget_15609.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:97b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33, PleskLin

Resource Hash

d3b4b0b4dc15a09b65a425fff5c8cb734fd4ea3bc2828ef16e7bee8c829174fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33, PleskLin
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VmXjo37fs2UxwC55xU5HjgP8hmb82hggOPELUFgobGQDhRpM%2FhxKI4xtLvxDyhSBnX%2BPBmpaYWnVgnnxKMHhpnZ0rFhL3k8dgkh2wQuq1It2O7gWnnH%2FXwbohqQajNNknPS8fNtRhJU6p4uMK8q%2BdFQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7d83ca1d1fb59030-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 15613 Show response
servicer.adqva.com/native/ 69 KB
12 KB 464ms
462ms Script
application/javascript 2606:4700:3035::ac43:97b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.adqva.com/native/15613?pageUrl=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F&language=en&refererUrl=

Requested by

Host: servicer.adqva.com
URL: https://servicer.adqva.com/ads/_AdQVAWidget_15613.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:97b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33, PleskLin

Resource Hash

ccd818ef2f3cafaf22ffc06e52d0e4a6f9f2f766bf88721b8461a1b71dfc6d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33, PleskLin
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QA7HfC4H7y93zUqSLp3r%2BRyoOW2WvUc6Pd0gkHGNu3z7wsw2wLhHr9RA3MvJwnszI8j8IE0h5Prxf7vdsXCsTTy7pxwJzeHBWxK04zI%2BQ3SdbjMope6R78b%2F37NKq5DeemGwPVAnsOt%2BtwFYeYxkS6s%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7d83ca1d1fb69030-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 prebid_hb_1652_3954.js Show response
d3u598arehftfk.cloudfront.net/ Frame 7323 155 KB
33 KB 23ms
18ms Script
application/javascript 2600:9000:223f:b200:1f:946:f000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_1652_3954.js
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ad_cp.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:b200:1f:946:f000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a4c2efee597e82f8d7476b1ba4d0b96af2c548f65fe0849f08f2d3a2b39cc0c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 09:42:26 GMT
content-encoding: gzip
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
last-modified: Mon, 05 Jun 2023 09:31:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 968088
etag: W/"a339917210ba89b03d56942eea7afa86"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=864000
x-amz-cf-id: n8adb6J2qWJ8upDiGdZ3ilR9pBewQO3S_iPEJAtqiTP6M-yj1da7kA==

GET
H2 200 show.php Show response
cryptocoinsad.com/ads/ Frame BC14 2 KB
1 KB 348ms
113ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptocoinsad.com/ads/show.php?a=251910&b=392997
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ad_cp.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.24-0ubuntu0.18.04.17
Resource Hash: 813317bf73afbf03dfc44f7f1c1b14329709b141b4062f82e12f0ae48cdb4149

Request headers

Referer: https://freetrx.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d83ca1f4c842baf-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 16 Jun 2023 14:37:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvjtFcGrtKgC%2FLryXt%2BM5CXhgotzngQewfRHDrcrK7TyJ43TKCVmQJ2ZO9TC1UeK5ZHfNoMofjFHM1yUHTQX4deTr7zNjONmh4ses%2BpsoLlMSV4MWguVnPLFzE2P5aZJbyhwUOl2mVecdtQuBQoVwA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.24-0ubuntu0.18.04.17

GET
H3

200

invisible.js Show response
freetrx.fun/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/ Frame 23E9
Redirect Chain

https://freetrx.fun/cdn-cgi/challenge-platform/scripts/invisible.js
https://freetrx.fun/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js

7 KB
4 KB

28ms
27ms

Script
application/javascript

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freetrx.fun/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ad_cp.html

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12a96d6aa7b52f5355ecb267c30d60a4124dbd79571b03ab18714d3dd5b532f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMQJv9P00WlIU0NXyOUDldewRaID3h72hZIXN9YziHuDiGvxM4PTvLEqQrXNLSml8K2cKHWIGZ%2BsAp8EAuCAURY1YSdoYoP4jGDPC59tC3ko5qHOvvo1UvZ1OzUco2XIIKbbi%2B4%2F%2FtbP9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7d83ca1f593735f4-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 16 Jun 2023 14:37:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0bzEmNoQ7ieoEDmau0F%2Ba9XKqumcxdZGyUCLQSNOfia%2BwffTmukZnTV4Y5v5%2BqZbRSuiqv2iuwQcOaUax1ggZqjsbr6OvFY3CCqZh8icddcN8x7i%2BEhIQqmsYG7xjQH0kpNA9q794g0nA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
cache-control: max-age=300, public
cf-ray: 7d83ca1e3fec35f4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ 352 KB
118 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7913044002918072&plah=freetrx.fun

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

757bee2792e9a9d34105e3ebf7fa31e149c93c153adc4212b4a03a811d41bd5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120774
x-xss-protection: 0
server: cafe
etag: 15825672674257756821
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Jun 2023 14:37:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/ Frame A891 10 KB
5 KB 137ms
30ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freetrx.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 73943
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 18:04:50 GMT
etag: 15057649708203361565
expires: Thu, 29 Jun 2023 18:04:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tcf2_cmp_hbagency.js Show response
hbagency.it/cdn/ 2 KB
1 KB 143ms
29ms Script
application/javascript 2606:4700:e6::ac40:c021
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hbagency.it/cdn/tcf2_cmp_hbagency.js
Requested by: Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_1652_3661.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c021 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 670f6a774e46fdb4672ec410b164f24cf883d5afcb2ef4c88084eb62df070092

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3329
cf-polished: origSize=1711
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 28 Feb 2023 10:52:57 GMT
server: cloudflare
etag: W/"6af-5f5c066061950"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVFtzBHYmFrkX1uIrFojQo6djntelhbIwQSw8YqzJpgy6W4hXSdC16zRShF3rjhdptoPu9NGbFzz7wWscpz6UmtlNRCD5FblXvdNJGg2A%2BVdTd%2FDmhotuyW%2Bfa%2B2N%2BCr4n5G0pq5d9%2BHUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7d83ca1f5a561e6c-FRA

GET
H2 200 0f6d7fa0-6cda-4e39-97fa-2b65962ccf31 Show response
boot.pbstck.com/v1/tag/ 1 KB
834 B 179ms
65ms Script
application/javascript 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://boot.pbstck.com/v1/tag/0f6d7fa0-6cda-4e39-97fa-2b65962ccf31
Requested by: Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_1652_3661.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 136c5c2d764abed6f0998886a3edd474d74711688dde7a8d90b7e41c42f15648

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=120
timing-allow-origin: *
cf-ray: 7d83ca1f5f420418-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 17 KB
5 KB 32ms
31ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js

Requested by

Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_1652_3661.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2147283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5117
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-45f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoXOGPVx24ebMRGTcIFVHWDmtzGGv1GTSE4wA2d828CFDES4tfmt8%2FSj%2BNZz%2FI3R9HMYWlLb04z9YH8WD%2BtpzgPLMfpqDsXciVqt9lmULSOze7ad%2BtWcg0uLU%2Fe7NqyADdJYJWyNmGzSVNu8tCrFyp5O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d83ca1eac713831-FRA
expires: Wed, 05 Jun 2024 14:37:13 GMT

GET
H2 200 prebid_7_44_ng.js Show response
hbagency.it/cdn/ 470 KB
144 KB 182ms
69ms Script
application/javascript 2606:4700:e6::ac40:c021
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hbagency.it/cdn/prebid_7_44_ng.js
Requested by: Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_1652_3661.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c021 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62abb2acb82a1832beb6f7f01a455cc6101d6593963c744771434fc23cac2266

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2861
cf-polished: origSize=481793
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 11:28:34 GMT
server: cloudflare
etag: W/"75a01-5f90dcab31228"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPYbJvlDRo%2BFnMdAfA786asG9Fd1EXBjXGkA9M%2BrKkmgyvEPB8gqEE29F2HPZpuZ%2Fw6oPjfamSp7W%2BBFOh6kVI2t%2FLz3ZZWxgqnmC1ZrcLSWTF%2FAhR0fR9uOREq2ay46qRLT2DXICTWsiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7d83ca1f5a591e6c-FRA

GET
H2 200 / Show response
whos.amung.us/pingjs/ 30 B
184 B 271ms
146ms Script
text/javascript 2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=4yeqx3f6zb&t=Faucet%20Instant%20Payout%20Zone%20%7C%20FTRX%20Faucet&c=t&x=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F&y=&a=0&d=0.915&v=27&r=8482
Requested by: Host: waust.at
URL: https://waust.at/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b448993aabcbe3b62434d2c6611ad5d04bf9e94854c87bc24c914aa7a02c02d3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d83ca1f6d913627-FRA
content-type: text/javascript;charset=UTF-8

HEAD
H2 200 1
acceptable.a-ads.com/ 0
0 168ms
45ms Fetch
text/html 176.9.77.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acceptable.a-ads.com/1
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.77.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.232.77.9.176.clients.your-server.de
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

HEAD
H2 200 1
acceptable.a-ads.com/ 0
0 168ms
46ms Fetch
text/html 176.9.77.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acceptable.a-ads.com/1
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.77.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.232.77.9.176.clients.your-server.de
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

HEAD
H2 200 1
acceptable.a-ads.com/ 0
0 169ms
46ms Fetch
text/html 176.9.77.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acceptable.a-ads.com/1
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.77.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.232.77.9.176.clients.your-server.de
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 cc70209f1eaf9fa3bbb92ba659f121cc.js Show response
9186bf9778.cca63f7d30.com/ 155 KB
56 KB 128ms
22ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://9186bf9778.cca63f7d30.com/cc70209f1eaf9fa3bbb92ba659f121cc.js
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 53082ac01970252c5540950e4460f4a6a76cd0785b28e2baa1c8b9caf08c3c94

Request headers

Referer: https://freetrx.fun/
Origin: https://freetrx.fun
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Fri, 16 Jun 2023 14:42:13 GMT
date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: gzip
last-modified: Fri, 16 Jun 2023 08:12:36 GMT
server: nginx/1.18.0
etag: W/"648c1974-26bae"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

POST
H2 200 teaser Show response
rt183.surfe.pro/net/ 0
399 B 136ms
34ms XHR
text/html 176.9.28.133
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rt183.surfe.pro/net/teaser?sid=1&w=1600&seed=6598570073868792&doc_ref=&href=aHR0cHM6Ly9mcmVldHJ4LmZ1bi9mdHJ4Lw==
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 176.9.28.133 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.133.28.9.176.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freetrx.fun/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: gzip
server: nginx
speed-04: site-notfound - 0.002065896987915
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://freetrx.fun
sb-error: Unknown origin host freetrx.fun
access-control-allow-credentials: true
speed-03: site-inited-view - 0.0020618438720703
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
speed-02: preload - 0.0014770030975342

GET
H2 200 show.php Show response
cryptocoinsad.com/ads/ Frame 381E 2 KB
1 KB 144ms
140ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptocoinsad.com/ads/show.php?a=252741&b=393437
Requested by: Host: claim.fun
URL: https://claim.fun/adcpm_300x250.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.24-0ubuntu0.18.04.17
Resource Hash: 7e25df8e43cd5cb9c48026af01f0d5c1b2de5e25a5212b8c26a719020e10f8b7

Request headers

Referer: https://claim.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d83ca1f4c852baf-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 16 Jun 2023 14:37:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sC8sxLZYgbeRbWL%2Bm%2BIqWWKMxVvet7womp%2FTRjdkFi9raktg7tQVBxgFmIwCf2yhw8%2FIQg47ywymJoEmX0IEDs3mSu8A4wun3PEEyoH%2Bc%2BDEyUA8%2BTsYxt41WP%2F2yPYrRUzQY%2FoNvKFOKATBKxMWw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.24-0ubuntu0.18.04.17

GET
H2 200 tcf2_cmp_hbagency.js Show response
hbagency.it/cdn/ Frame 7323 2 KB
1 KB 103ms
30ms Script
application/javascript 2606:4700:e6::ac40:c021
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hbagency.it/cdn/tcf2_cmp_hbagency.js
Requested by: Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_1652_3954.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c021 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 670f6a774e46fdb4672ec410b164f24cf883d5afcb2ef4c88084eb62df070092

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3329
cf-polished: origSize=1711
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 28 Feb 2023 10:52:57 GMT
server: cloudflare
etag: W/"6af-5f5c066061950"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bv1AVIEQZweMNR5%2BeeTgesRgFiJ8qINDcWBG7mbPMJJ97JIeYW83qTTTkTvTKvmc%2FDIQmiRKQu12ZcFUTUN35MYg3dGkG%2B1rMYxf4Th%2FR%2FRO1aoJ%2FQlXo%2FyZTgv%2BzvaKVCwdvCcstjFBFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7d83ca1f5a5c1e6c-FRA

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ Frame 7323 17 KB
5 KB 42ms
34ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js

Requested by

Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_1652_3954.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2147283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5117
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-45f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCKQCD3GhYhQTUVQzKef8XPv7j%2FiY4IltTzjcPOsl3sTGwqdHW9gVSb%2BWw1y6BeF6nU6fm%2BQxNaT3F1mHTMOPhJTM%2BsQXBgWqSaaHnWLGlTRc0jCljCqitrfSA%2BAExbRl%2FV1M70X8sTQ2XiJVtL4V%2Btw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d83ca1efce93831-FRA
expires: Wed, 05 Jun 2024 14:37:13 GMT

GET
H2 200 prebid_7_44_ng.js Show response
hbagency.it/cdn/ Frame 7323 470 KB
144 KB 120ms
48ms Script
application/javascript 2606:4700:e6::ac40:c021
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hbagency.it/cdn/prebid_7_44_ng.js
Requested by: Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_1652_3954.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c021 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62abb2acb82a1832beb6f7f01a455cc6101d6593963c744771434fc23cac2266

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2861
cf-polished: origSize=481793
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 11:28:34 GMT
server: cloudflare
etag: W/"75a01-5f90dcab31228"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sb6uHONULfDwudvILMHJTNZsDhh01N2545lgRBeHP8VjhZDd5WBAZD8IlvqdBDLmM0FkHlgpzHN%2Fs%2BU819kaxmAQ783w85817RjjXJcx4OpcjRAc1E7BTw%2FK1RLDpJyicV2ncfy8XztGYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7d83ca1f5a5d1e6c-FRA

GET
H2 200 871127111941.js Show response
cdn.bmcdn5.com/js/source/ 61 KB
20 KB 209ms
205ms Script
application/javascript 2606:4700:20::681a:807
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn5.com/js/source/871127111941.js?v=1.0.14
Requested by: Host: cdn.bmcdn5.com
URL: https://cdn.bmcdn5.com/js/6462ded54dfa5babd4b5eaa9.js?v=1686926233093
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:807 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f28ac64647542f51cc710b676f8dc6c5343ea77247f7c715f8f828dc397c3cce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: br
accept-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BnD5hZUnJRZrhfx3HieR1o2ayg%2FnvDWLIFQnDlZkNYLqgNUeeabBEjPaxrNQKKUXOKT7GP86jOYupDdx8vfnbHOP9a6Xn3E3xr8sPCa5KTkHzJ5Jf2RIaa%2F3WJQOc8opcjWZX2rPH%2BVF36an"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1800, public
cf-ray: 7d83ca1efd0e3627-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Fri, 16 Jun 2023 15:07:13 GMT

GET
H2 200 /
cdn.bmcdn5.com/trl/6462ded54dfa5babd4b5eaa9/ 0
268 B 123ms
120ms Image
text/plain 2606:4700:20::681a:807
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bmcdn5.com/trl/6462ded54dfa5babd4b5eaa9/?sourceRef=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F&displayHost=https%3A%2F%2Fcdn.bmcdn5.com%2F&loadTime=2000&badCode=PCFkb2N0eXBlIGh0bWw%2BPGh0bWw%2BPGhlYWQ%2BPG1ldGEgY2hhcnNldD0idXRmLTgiLz48bWV0YSBjb250ZW50PSJJRT1lZGdlIiBodHRwLWVxdWl2PSJYLVVBLUNvbXBhdGlibGUiLz48bWV0YSBuYW1lPSJ2aWV3cG9ydCIgY29udGVudD0id2lkdGg9ZGV2aWNlLXdpZHRoLGluaXRpYWwtc2NhbGU9MSxzaHJpbmstdG8tZml0PW5vIi8%2BPHRpdGxlPjwvdGl0bGU%2BPGxpbmsgaHJlZj0iLy9zdGF0aWMuYm1jZG41LmNvbS9jc3MvaW1nLmNzcz92PXYxLjI1LjE4IiByZWw9InN0eWxlc2hlZXQiLz48L2hlYWQ%2BPGJvZHk%2BPGRpdiBpZD0ibWVkaWEiIHN0eWxlPSJ3aWR0aDozMzZweDtoZWlnaHQ6MjgwcHgiPjxhIGNsYXNzPSJ0b3AtaWRlbnRpdHkiIGhyZWY9Imh0dHBzOi8vYml0bWVkaWEuaW8vcHJpdmFjeT91dG1fc291cmNlPWljb24iIHRhcmdldD0iX2JsYW5rIj48L2E%2BIDxhIGNsYXNzPSJib3R0b20taWRlbnRpdHkiIGhyZWY9Imh0dHBzOi8vYml0bWVkaWEuaW8vP3V0bV9zb3VyY2U9aWNvbiIgdGFyZ2V0PSJfYmxhbmsiPjwvYT48ZGl2IGNsYXNzPSJtYWluLWNvbnRlbnQiPjxhIGNsYXNzPSJsaW5rIiBocmVmPSJodHRwczovL2JpdG1lZGlhLmlvP3I9a21nOWE1am0mdXRtX2NhbXBhaWduPTg3MTEyNzExMTk0MSZ1dG1fbWVkaXVtPWJjayZ1dG1fc291cmNlPWJtYmNrIiB0YXJnZXQ9Il9ibGFuayI%2BPGltZyBhbHQ9IkJpdG1lZGlhIFJlZmVycmFsIiBjbGFzcz0ibGluay1pbWFnZSIgc3JjPSIvL3N0YXRpYy5ibWNkbjUuY29tL2ltZy9yL3JfdzMzNmgyODAuZ2lmP3Y9djEuMjUuMTgiLz48L2E%2BPC9kaXY%2BPC9kaXY%2BPHNjcmlwdD5sZXQgY3VycmVudExvY2F0aW9uUGF0aD1kb2N1bWVudC5sb2NhdGlvbi5ocmVmLnNsaWNlKGRvY3VtZW50LmxvY2F0aW9uLm9yaWdpbi5sZW5ndGgpLHRlbXBTdHJpbmc9Y3VycmVudExvY2F0aW9uUGF0aC5zbGljZSgzKSxibG9ja0lkPXRlbXBTdHJpbmcuc2xpY2UoMCx0ZW1wU3RyaW5nLmluZGV4T2YoIi8iKSksYmxvY2tTdWJJZD1wYXJzZUludCh0ZW1wU3RyaW5nLnNsaWNlKHRlbXBTdHJpbmcubGFzdEluZGV4T2YoIj0iKSsxKSksbXNnPXtzdGF0dXM6ImRlZmF1bHRBZExvYWRlZCIsZGVzdGluYXRpb25CbG9ja0lkOmJsb2NrSWQsYmxvY2tTdWJJZDpibG9ja1N1YklkLHdpZHRoQmxvY2s6IjMzNiIsaGVpZ2h0QmxvY2s6IjI4MCJ9O3dpbmRvdy5wYXJlbnQucG9zdE1lc3NhZ2UoSlNPTi5zdHJpbmdpZnkobXNnKSwiKiIpPC9zY3JpcHQ%2BPC9ib2R5PjwvaHRtbD4%3D&badType=bitmedia_referral_ad&version=1686926233425
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:807 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yv8%2B8GFk3La87D909th%2BvewcZujoP0verTkvijsZErS3JyX%2B7LxwrqgDvOSc5OZ1eEeoY%2BqV4RWaPL9Zc1vgBrM5o9ShtPEMIgp8z6Mufhja2lgg2fZW5W6d3nJRHC%2BhiJ8zN1FE3DmV%2BAaN"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1800, public
cf-ray: 7d83ca1efd103627-FRA
expires: Fri, 16 Jun 2023 15:07:13 GMT

GET
H2 200 /
cdn.bmcdn5.com/trl/6462ded54dfa5babd4b5eaa9/ 0
262 B 121ms
121ms Image
text/plain 2606:4700:20::681a:807
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bmcdn5.com/trl/6462ded54dfa5babd4b5eaa9/?sourceRef=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F&displayHost=https%3A%2F%2Fcdn.bmcdn5.com%2F&loadTime=2000&badCode=PCFkb2N0eXBlIGh0bWw%2BPGh0bWw%2BPGhlYWQ%2BPG1ldGEgY2hhcnNldD0idXRmLTgiLz48bWV0YSBjb250ZW50PSJJRT1lZGdlIiBodHRwLWVxdWl2PSJYLVVBLUNvbXBhdGlibGUiLz48bWV0YSBuYW1lPSJ2aWV3cG9ydCIgY29udGVudD0id2lkdGg9ZGV2aWNlLXdpZHRoLGluaXRpYWwtc2NhbGU9MSxzaHJpbmstdG8tZml0PW5vIi8%2BPHRpdGxlPjwvdGl0bGU%2BPGxpbmsgaHJlZj0iLy9zdGF0aWMuYm1jZG41LmNvbS9jc3MvaW1nLmNzcz92PXYxLjI1LjE4IiByZWw9InN0eWxlc2hlZXQiLz48L2hlYWQ%2BPGJvZHk%2BPGRpdiBpZD0ibWVkaWEiIHN0eWxlPSJ3aWR0aDozMzZweDtoZWlnaHQ6MjgwcHgiPjxhIGNsYXNzPSJ0b3AtaWRlbnRpdHkiIGhyZWY9Imh0dHBzOi8vYml0bWVkaWEuaW8vcHJpdmFjeT91dG1fc291cmNlPWljb24iIHRhcmdldD0iX2JsYW5rIj48L2E%2BIDxhIGNsYXNzPSJib3R0b20taWRlbnRpdHkiIGhyZWY9Imh0dHBzOi8vYml0bWVkaWEuaW8vP3V0bV9zb3VyY2U9aWNvbiIgdGFyZ2V0PSJfYmxhbmsiPjwvYT48ZGl2IGNsYXNzPSJtYWluLWNvbnRlbnQiPjxhIGNsYXNzPSJsaW5rIiBocmVmPSJodHRwczovL2JpdG1lZGlhLmlvP3I9a21nOWE1am0mdXRtX2NhbXBhaWduPTg3MTEyNzExMTk0MSZ1dG1fbWVkaXVtPWJjayZ1dG1fc291cmNlPWJtYmNrIiB0YXJnZXQ9Il9ibGFuayI%2BPGltZyBhbHQ9IkJpdG1lZGlhIFJlZmVycmFsIiBjbGFzcz0ibGluay1pbWFnZSIgc3JjPSIvL3N0YXRpYy5ibWNkbjUuY29tL2ltZy9yL3JfdzMzNmgyODAuZ2lmP3Y9djEuMjUuMTgiLz48L2E%2BPC9kaXY%2BPC9kaXY%2BPHNjcmlwdD5sZXQgY3VycmVudExvY2F0aW9uUGF0aD1kb2N1bWVudC5sb2NhdGlvbi5ocmVmLnNsaWNlKGRvY3VtZW50LmxvY2F0aW9uLm9yaWdpbi5sZW5ndGgpLHRlbXBTdHJpbmc9Y3VycmVudExvY2F0aW9uUGF0aC5zbGljZSgzKSxibG9ja0lkPXRlbXBTdHJpbmcuc2xpY2UoMCx0ZW1wU3RyaW5nLmluZGV4T2YoIi8iKSksYmxvY2tTdWJJZD1wYXJzZUludCh0ZW1wU3RyaW5nLnNsaWNlKHRlbXBTdHJpbmcubGFzdEluZGV4T2YoIj0iKSsxKSksbXNnPXtzdGF0dXM6ImRlZmF1bHRBZExvYWRlZCIsZGVzdGluYXRpb25CbG9ja0lkOmJsb2NrSWQsYmxvY2tTdWJJZDpibG9ja1N1YklkLHdpZHRoQmxvY2s6IjMzNiIsaGVpZ2h0QmxvY2s6IjI4MCJ9O3dpbmRvdy5wYXJlbnQucG9zdE1lc3NhZ2UoSlNPTi5zdHJpbmdpZnkobXNnKSwiKiIpPC9zY3JpcHQ%2BPC9ib2R5PjwvaHRtbD4%3D&badType=bitmedia_referral_ad&version=1686926233430
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:807 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BVQf8zv2Jkk1lHv2g7eCnH1XBdqShzoLAlx0M2x0Lmf3AchCKgyXnwrncOLZJOL8mBUs5epxNh0qZhiOLjqIyZMXn8V2YkQ6fP0LbiOBQGtgyvN9MLz7P9fQZ2Q0uUtERKqPwxhP7V0Mv2y"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1800, public
cf-ray: 7d83ca1efd163627-FRA
expires: Fri, 16 Jun 2023 15:07:13 GMT

POST
H/1.1 204
No Content e8e4c52b-4176-40ea-a4b1-ee552ecbe7c1 Show response
pp.mndsrv.com/v1/ 0
142 B 417ms
128ms XHR
text/plain 199.241.100.27
MOJOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.mndsrv.com/v1/e8e4c52b-4176-40ea-a4b1-ee552ecbe7c1
Requested by: Host: ss.mndsrv.com
URL: https://ss.mndsrv.com/banner.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.241.100.27 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS: cs2196.mojohost.com
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 16 Jun 2023 14:37:13 GMT
Server: nginx/1.20.1
Connection: keep-alive

POST
H/1.1 204
No Content 0228260e-7ca3-41a9-aeb3-79199c0f6067 Show response
pp.mndsrv.com/v1/ 0
142 B 421ms
133ms XHR
text/plain 199.241.100.27
MOJOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.mndsrv.com/v1/0228260e-7ca3-41a9-aeb3-79199c0f6067
Requested by: Host: ss.mndsrv.com
URL: https://ss.mndsrv.com/banner.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.241.100.27 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS: cs2196.mojohost.com
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 16 Jun 2023 14:37:13 GMT
Server: nginx/1.20.1
Connection: keep-alive

POST
H/1.1 204
No Content 0e2018be-da5b-44c9-bbf0-521b53a58877 Show response
pp.mndsrv.com/v1/ 0
142 B 422ms
132ms XHR
text/plain 199.241.100.27
MOJOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.mndsrv.com/v1/0e2018be-da5b-44c9-bbf0-521b53a58877
Requested by: Host: ss.mndsrv.com
URL: https://ss.mndsrv.com/banner.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.241.100.27 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS: cs2196.mojohost.com
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 16 Jun 2023 14:37:13 GMT
Server: nginx/1.20.1
Connection: keep-alive

POST
H/1.1 204
No Content e8e4c52b-4176-40ea-a4b1-ee552ecbe7c1 Show response
pp.mndsrv.com/v1/ 0
142 B 428ms
136ms XHR
text/plain 199.241.100.27
MOJOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.mndsrv.com/v1/e8e4c52b-4176-40ea-a4b1-ee552ecbe7c1
Requested by: Host: ss.mndsrv.com
URL: https://ss.mndsrv.com/banner.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.241.100.27 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS: cs2196.mojohost.com
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 16 Jun 2023 14:37:13 GMT
Server: nginx/1.20.1
Connection: keep-alive

POST
H/1.1 204
No Content 0228260e-7ca3-41a9-aeb3-79199c0f6067 Show response
pp.mndsrv.com/v1/ 0
142 B 429ms
138ms XHR
text/plain 199.241.100.27
MOJOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.mndsrv.com/v1/0228260e-7ca3-41a9-aeb3-79199c0f6067
Requested by: Host: ss.mndsrv.com
URL: https://ss.mndsrv.com/banner.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.241.100.27 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS: cs2196.mojohost.com
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 16 Jun 2023 14:37:13 GMT
Server: nginx/1.20.1
Connection: keep-alive

POST
H/1.1 204
No Content 0e2018be-da5b-44c9-bbf0-521b53a58877 Show response
pp.mndsrv.com/v1/ 0
142 B 430ms
139ms XHR
text/plain 199.241.100.27
MOJOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.mndsrv.com/v1/0e2018be-da5b-44c9-bbf0-521b53a58877
Requested by: Host: ss.mndsrv.com
URL: https://ss.mndsrv.com/banner.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.241.100.27 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS: cs2196.mojohost.com
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 16 Jun 2023 14:37:13 GMT
Server: nginx/1.20.1
Connection: keep-alive

POST
H/1.1 204
No Content e8e4c52b-4176-40ea-a4b1-ee552ecbe7c1 Show response
pp.mndsrv.com/v1/ 0
142 B 537ms
125ms XHR
text/plain 199.241.100.27
MOJOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.mndsrv.com/v1/e8e4c52b-4176-40ea-a4b1-ee552ecbe7c1
Requested by: Host: ss.mndsrv.com
URL: https://ss.mndsrv.com/banner.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.241.100.27 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS: cs2196.mojohost.com
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 16 Jun 2023 14:37:13 GMT
Server: nginx/1.20.1
Connection: keep-alive

POST
H/1.1 204
No Content 0228260e-7ca3-41a9-aeb3-79199c0f6067 Show response
pp.mndsrv.com/v1/ 0
142 B 551ms
134ms XHR
text/plain 199.241.100.27
MOJOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.mndsrv.com/v1/0228260e-7ca3-41a9-aeb3-79199c0f6067
Requested by: Host: ss.mndsrv.com
URL: https://ss.mndsrv.com/banner.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.241.100.27 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS: cs2196.mojohost.com
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 16 Jun 2023 14:37:13 GMT
Server: nginx/1.20.1
Connection: keep-alive

POST
H/1.1 204
No Content 0e2018be-da5b-44c9-bbf0-521b53a58877 Show response
pp.mndsrv.com/v1/ 0
142 B 547ms
131ms XHR
text/plain 199.241.100.27
MOJOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.mndsrv.com/v1/0e2018be-da5b-44c9-bbf0-521b53a58877
Requested by: Host: ss.mndsrv.com
URL: https://ss.mndsrv.com/banner.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.241.100.27 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS: cs2196.mojohost.com
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 16 Jun 2023 14:37:13 GMT
Server: nginx/1.20.1
Connection: keep-alive

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
347 B 205ms
204ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=freetrx.fun&_ss=756acryq5f&_pv=1&_ls=0&_u1=1&_u3=1&_cc=nl&_pl=d&_cbid=wx5h&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 025a694da100b6f79fd00f9922e6a126b0b479873a8a54ad56bb191cd7a535c4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
x-t: 0.17
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FzGjsoPxpIwCo5v%2FqJGmj%2BR%2Bhl%2B%2BwRbWaAtphJdZg0eAnTw00YAN1gNRDE7I5C9fyPZrCkWSxv18zwc%2F2brmyuNt%2FmYo%2F8NQfdyclhx0kqsTnL8OVSFFSu8uZJan1FEVqrPSh2B2Up5mg4%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 7d83ca1f2ca6b79d-AMS
expires: Fri, 16 Jun 2023 14:37:12 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
606 B 91ms
31ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=freetrx.fun&callback=_gfp_s_&client=ca-pub-7913044002918072

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7913044002918072&plah=freetrx.fun

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dde6b081659ee9b5d2bd6fc1b0463d5daebd60cc5f51db1cdb58f21a5854424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 98ms
28ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=freetrx.fun

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CDA3 603 B
216 B 434ms
396ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.freetrx.fun_Footer_728x90&adk=813149523&adf=3122884765&pi=t.ma~as.www.freetrx.fun_Foo_&w=728&lmt=1686926233&url=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686926233323&bpp=6&bdt=555&idt=195&shv=r20230614&mjsv=m202306080101&ptt=5&saldr=sd&abxe=1&correlator=6555478906997&frm=20&pv=2&ga_vid=1576126448.1686926234&ga_sid=1686926234&ga_hid=1263145369&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075067%2C44788442%2C31075280%2C44791046&oid=2&pvsid=3994702489873707&tmod=108516072&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=uq9rMZppP4&p=https%3A//freetrx.fun&dtd=212

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freetrx.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 14:37:13 GMT
expires: Fri, 16 Jun 2023 14:37:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3083 100 KB
38 KB 460ms
442ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.freetrx.fun&adk=36377878&adf=3271003695&pi=t.ma~as.www.freetrx.fun&w=300&lmt=1686926233&url=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686926233329&bpp=1&bdt=562&idt=213&shv=r20230614&mjsv=m202306080101&ptt=5&saldr=sd&abxe=1&prev_slotnames=www.freetrx.fun_footer_728x90&correlator=6555478906997&frm=20&pv=1&ga_vid=1576126448.1686926234&ga_sid=1686926234&ga_hid=1263145369&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=2857&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075067%2C44788442%2C31075280%2C44791046&oid=2&pvsid=3994702489873707&tmod=108516072&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=p46pTxqA9z&p=https%3A//freetrx.fun&dtd=226

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5811af6b95ce409b00865c836719791822336e838a1280a36b2323a7732a91ef

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK6prveByP8CFQCVfwQdFQAETw&gqi=mXOMZO6GJJ-G9fgPuf2i-AM&layout=/sadbundle/%24csp%253Der3%24/4407217601433664615/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freetrx.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38047
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK6prveByP8CFQCVfwQdFQAETw&gqi=mXOMZO6GJJ-G9fgPuf2i-AM&layout=/sadbundle/%24csp%253Der3%24/4407217601433664615/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 14:37:14 GMT
expires: Fri, 16 Jun 2023 14:37:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content 16b0f3a6-4012-4d27-b02a-12442eb4a3a4 Show response
pp.mndsrv.com/v1/ 0
142 B 448ms
136ms XHR
text/plain 199.241.100.27
MOJOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.mndsrv.com/v1/16b0f3a6-4012-4d27-b02a-12442eb4a3a4
Requested by: Host: ss.mndsrv.com
URL: https://ss.mndsrv.com/native.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.241.100.27 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS: cs2196.mojohost.com
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 16 Jun 2023 14:37:13 GMT
Server: nginx/1.20.1
Connection: keep-alive

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 66ms
65ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=idc8d9ff054d5c8&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: freetrx.fun
URL: https://freetrx.fun/ftrx/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 14:37:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2AE0 0
180 B 30ms
29ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&adk=1812271804&adf=3025194257&lmt=1686926233&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686926233376&bpp=2&bdt=608&idt=275&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_slotnames=www.freetrx.fun_footer_728x90%2Cwww.freetrx.fun&nras=1&correlator=6555478906997&frm=20&pv=1&ga_vid=1576126448.1686926234&ga_sid=1686926234&ga_hid=1263145369&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075067%2C44788442&oid=2&pvsid=3994702489873707&tmod=108516072&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=288

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freetrx.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 14:37:13 GMT
expires: Fri, 16 Jun 2023 14:37:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 26373.gif
cryptocoinsad.com/banner/ads_banner/ Frame BC14 192 KB
193 KB 48ms
47ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/banner/ads_banner/26373.gif
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=251910&b=392997
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 505ad707b1e5393e241b2a68ef278ed069d2c685f660d8d166927fd343767787

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=251910&b=392997
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Jun 2023 11:01:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3345
etag: "64899e05-30133"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOzY636TsbqbgvUAepilauZAjkwINTv8TTVZy7JcsytCepHpRVKJo2ZnFuNA6urBoxBQT%2FnrYwDu7X%2F4X%2B552JWa5AkYCP3%2BmeFDinwuTv298GpoEJPhYi0tNNf09%2FXYngxDFfVq5CB09Xot4lgS9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 7d83ca208e892baf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 196915

GET
H2 200 26373.gif
cryptocoinsad.com/banner/ads_banner/ Frame 381E 192 KB
193 KB 67ms
66ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/banner/ads_banner/26373.gif
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=252741&b=393437
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 505ad707b1e5393e241b2a68ef278ed069d2c685f660d8d166927fd343767787

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=252741&b=393437
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Jun 2023 11:01:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3345
etag: "64899e05-30133"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNXO%2FrAWq1BXj9%2BprxMje2o6WjDUhDtP0ocg0yaBPtqfLZ3x53EaVZ%2B1b1ffjqY9ruvs29tfU%2BPm5OIhR%2BhpW7IdqsYSnwTSlbQxIse3GesG7bEIdVqQUyDAbA7hxQVRr9h2ejWPfHdnImyArbpdCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 7d83ca209e9b2baf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 196915

GET
H2 200 fav.png
i.ibb.co/zbtMxW5/ Frame 77B5 657 B
900 B 92ms
26ms Image
image/png 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/zbtMxW5/fav.png
Requested by: Host: zerads.com
URL: https://zerads.com/ad/ad.php?width=300&ref=2277
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: a4b840e80840dc925b011e8e5dc85ad29af0b3c5d852103b1e578e9c82fa9d31

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zerads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
last-modified: Sat, 08 Jan 2022 17:29:49 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 657
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

300x250.png
www.pokania.com/banners/ Frame 77B5
Redirect Chain

https://www.pokebtc.com/banners/300x250.png
https://www.pokania.com/banners/300x250.png

90 KB
90 KB

100ms
26ms

Image
image/png

2606:4700:20::ac43:4427
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pokania.com/banners/300x250.png
Requested by: Host: zerads.com
URL: https://zerads.com/ad/ad.php?width=300&ref=2277
Protocol: H2
Server: 2606:4700:20::ac43:4427 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 025c36bce8d03d5331e01b67713aab16f47053358b923633fac5721a4ea9bf14

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zerads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1364
cf-polished: origSize=91932
content-length: 91895
cf-bgj: imgq:100,h2pri
last-modified: Mon, 16 Jan 2023 13:47:05 GMT
server: cloudflare
etag: "1671c-5f261d18d4840"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZaBWZxltA7MtcmmDPG%2BiP3b9io3BiHR6J%2FsomcZ0naovNU6%2BeYgE1JzCM2TkTdY9TQyr5h4PL%2BdKOOWLeX2X3dn8IRjnm5d7hWxlAqcgfX0KmyfsmT9NdJtnsQU0PPQ3PipFNSdQyFTb2UoFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d83ca22db52bbcb-FRA

Redirect headers

date: Fri, 16 Jun 2023 14:37:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkoKuyMT2AOhTSnlOSpeWnzAeaWsNWbxF3wo9942FBl2Q%2FlKVO2gXGX7Z9r0J%2BT2pBOZ60M%2FyA9SzhUFT3iES33iwH0q9rKTBry25xn5LHaWx792ev0tymoIwU%2BpwR%2By51NVIry9VW3ONCsPC34%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.pokania.com/banners/300x250.png
cache-control: max-age=3600
cf-ray: 7d83ca21181292c9-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 16 Jun 2023 15:37:13 GMT

POST
H3 200 7d83ca1cfe8735f4 Show response
freetrx.fun/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 23E9 0
584 B 37ms
32ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freetrx.fun/cdn-cgi/challenge-platform/h/g/cv/result/7d83ca1cfe8735f4
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEU0u844QWt%2FH2DBeF%2FZEabgrSd9pcuUOZIQ4M6nq%2FmC7h0XjF2vTncaKGfE55xWj4D7B79rCGTVuUy8i7z%2BulehrlIFI1YaX8e%2BOqqJ9uhSFPq%2Fr%2BujcHAMhumefkeq%2F%2BaZZBtZM5ORBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7d83ca21cc5d35f4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/cJsduNRegvC-s/hbagency.it/ 5 KB
2 KB 87ms
22ms Script
application/javascript 2600:9000:2240:ba00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/cJsduNRegvC-s/hbagency.it/choice.js
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/tcf2_cmp_hbagency.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:ba00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32aae5c43fa382dde29a65f39d86fa0060c44d9dafa9adc7ecc3a0efebd2f75c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: gzip
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
last-modified: Thu, 17 Nov 2022 10:37:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 7
x-amz-server-side-encryption: AES256
etag: W/"e65bb654e0616b9e5b0d468dc10ae334"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: xGhTm8VRii-1Cq1gkoDfERvzoMqmhyBBKmhk42G9B4IpW6uAbW8r5g==

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/cJsduNRegvC-s/hbagency.it/ Frame 7323 5 KB
2 KB 79ms
22ms Script
application/javascript 2600:9000:2240:ba00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/cJsduNRegvC-s/hbagency.it/choice.js
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/tcf2_cmp_hbagency.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:ba00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32aae5c43fa382dde29a65f39d86fa0060c44d9dafa9adc7ecc3a0efebd2f75c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
content-encoding: gzip
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
last-modified: Thu, 17 Nov 2022 10:37:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 7
x-amz-server-side-encryption: AES256
etag: W/"e65bb654e0616b9e5b0d468dc10ae334"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: NJrIVxzl6dhzmiBkJaqt6fMF-twqnOXVZir-yK-ZtJy3oHaq2QUwOg==

GET
H3 200 icon.png
cryptocoinsad.com/ads/show/img/ Frame BC14 3 KB
4 KB 26ms
26ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/ads/show/img/icon.png
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=251910&b=392997
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b14ef09e5d084f7cb785998d54d37e486619c9b9527e72776a7c9d2b7e85c828

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=251910&b=392997
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 11:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 922
etag: "61f52b0c-ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9ttl33rjkm2%2Fh%2FhcIQTuOvZ1RE%2FXDHoHFd3BhNVt61feBokc1Bji%2BcOKpEb%2FjrNM5mM1F5gg7zI01%2FoJ4FfyZunRwd0eApkG93j9jbzBVRGiJ1ZFgoKFjuc9wYBxYGTzznmI9CBLqDxg0fFYbtZDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 7d83ca226ed02c6f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3309

GET
H3 200 icon.png
cryptocoinsad.com/ads/show/img/ Frame 381E 3 KB
4 KB 28ms
26ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/ads/show/img/icon.png
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=252741&b=393437
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b14ef09e5d084f7cb785998d54d37e486619c9b9527e72776a7c9d2b7e85c828

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=252741&b=393437
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:13 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 11:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 922
etag: "61f52b0c-ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzj%2FbGshsQK4VLfYZZcd9RayXvUsagw1AFcGIEayKUzUTJD%2BcBjuxYfbrpUtzru1PyveBQa%2BqmWw%2BRXMxbwrI32%2BRfAwGASS3DWy1KQa2LOG1S73BxI6fiwmUibvxDsDYZ31K2Ktp81f40Mtxu5x6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 7d83ca226ed22c6f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3309

GET
H2 200 84095 Show response
9186bf9778.cca63f7d30.com/2c3c620fa701630612b1bcfb341b1390/ 1 KB
1 KB 15ms
13ms XHR
application/json 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://9186bf9778.cca63f7d30.com/2c3c620fa701630612b1bcfb341b1390/84095?version_name=b
Requested by: Host: 9186bf9778.cca63f7d30.com
URL: https://9186bf9778.cca63f7d30.com/cc70209f1eaf9fa3bbb92ba659f121cc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6c8f81e139f698036111f532ca695b38184ac78c443b122b81b63eb72aeeeaba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Fri, 16 Jun 2023 14:42:14 GMT
date: Fri, 16 Jun 2023 14:37:14 GMT
server: nginx/1.18.0
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
content-length: 1305
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
js.wpshsdk.com/npc/sdk/ 0
238 B 55ms
13ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpshsdk.com/npc/sdk/wp-banners.js
Requested by: Host: 9186bf9778.cca63f7d30.com
URL: https://9186bf9778.cca63f7d30.com/cc70209f1eaf9fa3bbb92ba659f121cc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Fri, 16 Jun 2023 14:42:14 GMT
date: Fri, 16 Jun 2023 14:37:14 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

POST
H/1.1 204
No Content a524e320-b020-4ade-9e63-b6637ccaca65 Show response
pp.mndsrv.com/v1/ 0
142 B 125ms
125ms XHR
text/plain 199.241.100.27
MOJOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.mndsrv.com/v1/a524e320-b020-4ade-9e63-b6637ccaca65
Requested by: Host: ss.mndsrv.com
URL: https://ss.mndsrv.com/static/a524e320-b020-4ade-9e63-b6637ccaca65.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.241.100.27 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS: cs2196.mojohost.com
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 16 Jun 2023 14:37:14 GMT
Server: nginx/1.20.1
Connection: keep-alive

GET
H2 200 collector-889b5e1.js Show response
cdn.pbstck.com/ 156 KB
46 KB 114ms
39ms XHR
application/javascript 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/collector-889b5e1.js
Requested by: Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/0f6d7fa0-6cda-4e39-97fa-2b65962ccf31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb36670fcbe378e37b5ecc4d239a9e3a84b6dd5ba0617fdfa14b1af8e969b451

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 234896
x-guploader-uploadid: ADPycdvbx-dops8e1rb0DqwBqqclGeQAAZOeOtD7OH-y0KomZFZ0mOyIcHE3YniAmixJVRyL1vkvq7K0jgx_iVKu2HEDZw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 06 Jun 2023 13:36:42 GMT
server: cloudflare
etag: W/"3aafdccc4b2647ce3ad94aadd7d01563"
vary: Accept-Encoding
x-goog-hash: crc32c=pMlpOw==, md5=Oq/czEsmR8462Uqt19AVYw==
x-goog-generation: 1686058602666461
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, immutable
x-goog-stored-content-length: 45175
cf-ray: 7d83ca235b4e9ba4-FRA
expires: Tue, 20 Jun 2023 20:35:12 GMT

GET
H2 200 tc.js Show response
cdn.tynt.com/ 18 KB
7 KB 104ms
27ms Script
application/javascript 172.64.151.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1804777ba20dafab3f354093af8b20442bec0eb61b2d34ea8a735a3bfefa278

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 15:48:17 GMT
server: cloudflare
age: 119947
etag: W/"64109741-4750"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7d83ca2379409116-FRA
expires: Mon, 19 Jun 2023 14:37:14 GMT

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e119d54f77ab175a1af13b742102c9062ce8db77ac8c104e4beb1246c7bd035f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200 pr
cp.mndsrv.com/v1/e774fe94-d8a1-461d-bb9b-164c8b1bf98f/ 0
0 418ms
145ms Fetch 199.241.100.27
MOJOHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://cp.mndsrv.com/v1/e774fe94-d8a1-461d-bb9b-164c8b1bf98f/pr

Requested by

Host: ss.mndsrv.com
URL: https://ss.mndsrv.com/ctatic/e774fe94-d8a1-461d-bb9b-164c8b1bf98f.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.241.100.27 , United States, ASN27589 (MOJOHOST, US),

Reverse DNS

cs2196.mojohost.com

Software

nginx/1.20.1 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jun 2023 14:37:14 GMT
X-Content-Type-Options: nosniff
Server: nginx/1.20.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: DENY
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: 0

POST
H3 200 impression
servicer.adqva.com/ 0
0 533ms
533ms Ping
text/html 2606:4700:3035::ac43:97b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adqva.com/impression
Requested by: Host: servicer.adqva.com
URL: https://servicer.adqva.com/native/15613?pageUrl=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F&language=en&refererUrl=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:97b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freetrx.fun/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryi012jzZZ6xAWwiFr

Response headers

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvMzEwMTQxL2IxMmQ5NTY1NmZiMWM1OTRmY...
s-img.adskeeper.com/g/12512273/200x200/-/ 7 KB
7 KB 211ms
63ms Image
image/webp 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/12512273/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvMzEwMTQxL2IxMmQ5NTY1NmZiMWM1OTRmYjAyZTE1YmU2ZWZmNmY3LmpwZw.webp?v=1686926233-q58mFdlKg7TzDLvcUQ6uXeQ1PhrlLfrEkKS5em9hwA8
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ab1a51be5b306a14f87e7ad6923911a3620d8cd452b04860860986cabc291af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:14 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Mar 2022 21:04:36 GMT
x-mg-request-uuid: 4b84da88-d2cc-4a7b-b2d0-dd5faf1da674
server: cloudflare
age: 2104621
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7d83ca252b6d5bf9-FRA
content-length: 7166
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3Xzk2MCx4XzYyMix5XzUwMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMS8zMTAxNDEvN2I2NGU4O...
s-img.adskeeper.com/g/12061352/200x200/-/ 4 KB
4 KB 425ms
277ms Image
image/webp 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/12061352/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3Xzk2MCx4XzYyMix5XzUwMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMS8zMTAxNDEvN2I2NGU4OTcxYjI1MzZkNGRlOTQ2YTI1YjI2ZDkyNjMucG5n.webp?v=1686926233-XBbu9TVHozrytr2xu9wQBfDbr1ptLpLZrn7A6s2CTxs
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9e4783e4958f48e72530af7d3abf338fae673a880dc1a546dd7e499dfd3ee1a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:14 GMT
cf-cache-status: MISS
last-modified: Sat, 12 Feb 2022 09:53:45 GMT
x-mg-request-uuid: 33efadf6-b648-4bde-875b-885ff01273aa
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7d83ca252b6e5bf9-FRA
content-length: 3884
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo_feed.svg
img.adqva.com/ 2 KB
1 KB 45ms
33ms Image
image/svg+xml 2606:4700:3035::ac43:97b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.adqva.com/logo_feed.svg
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:97b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 06edb2a0f91c7326150a593b226f04bd1e5c1d8f107e0794753b2f608524073a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 09:47:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2293
etag: W/"628dfb1b-795"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eAT7xIHCDZegiCB9dfYpDop28yDVLpHz2%2FvYH5dgSiRdcY2FEd6tcA%2Bqmw7hGxr3U007UaPG6a5Oznc%2B3nhG%2BClc9QLumXDnHJ%2BeXq6Y708KAizJyNr9ZVYYUtdaEMXUxbnN7azipSM57lQ4"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 7d83ca245f979030-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzI0NzMxOS8yOWNmZ...
s-img.adskeeper.com/g/15780383/492x328/-/ 11 KB
11 KB 405ms
261ms Image
image/webp 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/15780383/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzI0NzMxOS8yOWNmZGFmN2Q2ODk1OGI5MmMxY2ZiNTRkMzM3YzU4ZC5qcGVn.webp?v=1686926233-78T3QQwOi68ZtYQbpniJZi7DxRwah-6nnHjUtwQq2Ao
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143ed1a9638431acf4ec165beedf294a67871bd94580d09f01fe41887458ba3b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:14 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 21:06:12 GMT
x-mg-request-uuid: 207a3087-7355-4857-9590-be44e2fddcd9
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7d83ca252b6f5bf9-FRA
content-length: 11222
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzMxMDE0MS80MWIwNjgwOTRkMDBjODFlN...
s-img.adskeeper.com/g/10531121/492x328/-/ 36 KB
37 KB 183ms
39ms Image
image/webp 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/10531121/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzMxMDE0MS80MWIwNjgwOTRkMDBjODFlNGFiY2JlZWYwNWQzNTMyNS5qcGc.webp?v=1686926233-dMsIZURuiEhDXzlG3qRQsI2BCVdLFCXs4Zq0xmNouRo
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62841916c11c839fde303ac3573a2514637f6de51f8a3d5b7bb47adbdd250575

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:14 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:56:24 GMT
x-mg-request-uuid: 58fba737-9dc6-4be8-802a-425ddca70d99
server: cloudflare
age: 13668172
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7d83ca252b705bf9-FRA
content-length: 37102
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZl9naWYsZmxfbG9zc3ksZ194eV9jZW50ZXIsd185NjAseF8xNTIseV8yMzIvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDUvMzEwMTQxLzBhMjI4MDA3ZjhjY...
s-img.adskeeper.com/g/13039533/492x328/-/ 2 MB
2 MB 202ms
59ms Image
image/gif 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/13039533/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZl9naWYsZmxfbG9zc3ksZ194eV9jZW50ZXIsd185NjAseF8xNTIseV8yMzIvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDUvMzEwMTQxLzBhMjI4MDA3ZjhjY2IzZjlmYTYwZDU3YWY2N2I5YTEwLmdpZg.gif?v=1686926233-Sk_hYLM7ngnanUGKeG8ACFrk7ILiqV9NSN7z-q-sTHQ
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39a8ab5609f4a07be775b1091c2a91b1c8aab955361bd28b1c34da137b2d8063

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:14 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Nov 2022 13:19:12 GMT
x-mg-request-uuid: 8e2212c5-cdce-4391-8925-3c64f200e2e5
server: cloudflare
age: 75185
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7d83ca252b725bf9-FRA
content-length: 2167502
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzMxMDE0MS82MDIwZDIzMDIyZjk3MmI5Y...
s-img.adskeeper.com/g/9826952/492x328/-/ 9 KB
9 KB 428ms
285ms Image
image/webp 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/9826952/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzMxMDE0MS82MDIwZDIzMDIyZjk3MmI5YmQ1ZTk2YWZiNTdmMTE4NC5qcGVn.webp?v=1686926233-F_mF6KtluAgSguiZ83tMhCPjO-wz36xGbscUqeAy3Lg
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99af8158d8126e37f203ccdd03f8de404770639d4911be90fd32f0e10e715e33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:14 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Nov 2021 16:06:46 GMT
x-mg-request-uuid: 7dc83658-49a2-4e70-98ba-18103cf61bb1
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7d83ca252b735bf9-FRA
content-length: 9268
alt-svc: h3=":443"; ma=86400

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/ Frame 809E 15 KB
5 KB 96ms
22ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.freetrx.fun&adk=36377878&adf=3271003695&pi=t.ma~as.www.freetrx.fun&w=300&lmt=1686926233&url=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686926233329&bpp=1&bdt=562&idt=213&shv=r20230614&mjsv=m202306080101&ptt=5&saldr=sd&abxe=1&prev_slotnames=www.freetrx.fun_footer_728x90&correlator=6555478906997&frm=20&pv=1&ga_vid=1576126448.1686926234&ga_sid=1686926234&ga_hid=1263145369&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=2857&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075067%2C44788442%2C31075280%2C44791046&oid=2&pvsid=3994702489873707&tmod=108516072&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=p46pTxqA9z&p=https%3A//freetrx.fun&dtd=226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79c604c6827f6891d0565994ae6fc3ee01e655486bc8ff5f589f05df786455b5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 15659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3310
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 10:16:15 GMT
expires: Sat, 15 Jun 2024 10:16:15 GMT
last-modified: Fri, 09 Jun 2023 09:23:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 7323 22 KB
9 KB 129ms
49ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/cJsduNRegvC-s/hbagency.it/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:14 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 23 Jun 2023 14:37:14 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ Frame 7323 178 KB
47 KB 95ms
30ms Script
text/javascript 2600:9000:2240:6600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=hbagency.it
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/cJsduNRegvC-s/hbagency.it/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb644f290f0fb1ea074d5a52e431e49cf9fa4adc1b345e7719d0d27a3fe78c9a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:07:21 GMT
content-encoding: gzip
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 3521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Fri, 19 May 2023 14:04:40 GMT
server: AmazonS3
etag: W/"f95487cc7143663d91de3ec4a26c4beb"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: gNHttJ_J7Mo7GFqeAlRtUX18t1gG4RXxXvXSeUYklE6taGLR5r49oA==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 102ms
23ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/cJsduNRegvC-s/hbagency.it/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:14 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 23 Jun 2023 14:37:14 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 178 KB
47 KB 117ms
53ms Script
text/javascript 2600:9000:2240:6600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=hbagency.it
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/cJsduNRegvC-s/hbagency.it/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb644f290f0fb1ea074d5a52e431e49cf9fa4adc1b345e7719d0d27a3fe78c9a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:07:21 GMT
content-encoding: gzip
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 3521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Fri, 19 May 2023 14:04:40 GMT
server: AmazonS3
etag: W/"f95487cc7143663d91de3ec4a26c4beb"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: JDX2ylwfT-A8mfDL40DfsE-LNS0lEVubbXdAbJ2VVMUqvPxwAktCtg==

GET
H2 200 / Show response
cdn.bmcdn5.com/p/6462ded54dfa5babd4b5eaa9/ Frame 404A 620 B
571 B 143ms
142ms Document
text/html 2606:4700:20::681a:807
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn5.com/p/6462ded54dfa5babd4b5eaa9/?source=https%253A%252F%252Ffreetrx.fun%252Fftrx%252F&sourceid=871127111941&ent=&we=0&fid=e31d981f0adb674e0a0ec29afe56d6fb&fidnoua=1cf3f5c7c63989a278b8557547d1d331&impid=8e6e2e56-ded5-473c-9abf-57eda2e01efd&sessionId=7927f614-75d5-406f-90c1-7c4169230eb8&pageViewUuid=f807a1ec-ad76-41b3-a77b-35323a9018e5&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F114.0.5735.133%2520Safari%252F537.36&sig=0x00000&blocksubid=0
Requested by: Host: cdn.bmcdn5.com
URL: https://cdn.bmcdn5.com/js/source/871127111941.js?v=1.0.14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:807 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f85e41d9e1647f47a98a6ed8d82a4e316c984fd573a42843a2be2834c938904c

Request headers

Referer: https://freetrx.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-encoding: gzip
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7d83ca25ed0f3627-FRA
content-encoding: br
content-type: text/html
date: Fri, 16 Jun 2023 14:37:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KaU8AFLTsQcOhu%2FP%2Fnr3z4fnjc5XfSLUm1erVUvgWeBQiFDI69djt0aiDgqmhFN5DdCgv2gANJzyURudHWYNDsthzwPjQOUxCAhmyzKzpTrlnBTF8SEICVdLd9GGQU7MWd1CALvWDFkbeqCy"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 /
cdn.bmcdn5.com/pv/549c2a8985476a49566aab3b/ 35 B
343 B 122ms
119ms Image
image/gif 2606:4700:20::681a:807
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bmcdn5.com/pv/549c2a8985476a49566aab3b/?source=https%253A%252F%252Ffreetrx.fun%252Fftrx%252F&sourceid=871127111941&ent=&we=0&fid=e31d981f0adb674e0a0ec29afe56d6fb&fidnoua=1cf3f5c7c63989a278b8557547d1d331&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F114.0.5735.133%2520Safari%252F537.36&sig=0x00000&blocksubid=0&pageViewUuid=f807a1ec-ad76-41b3-a77b-35323a9018e5&version=1686926234526
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:807 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:14 GMT
accept-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uvcgVGqYhSdjjCCqZMGRC%2BZdXzzBnmzlgyUnfdCZ8mdJ7NWbajM7Zwz6xo%2Fqx5e5eIBquAqtfH3IfJIDDpbyhclGY9XiSw%2BG%2Fgz3gkjKqK3ciHzLzklXQsQklAg0DghGnPmbYS31nQvZDTH"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cf-ray: 7d83ca25ed0e3627-FRA

GET
H2 200 /
cdn.bmcdn5.com/pb/549c2a8985476a49566aab3b/6462ded54dfa5babd4b5eaa9/ 0
264 B 123ms
121ms Image
text/plain 2606:4700:20::681a:807
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bmcdn5.com/pb/549c2a8985476a49566aab3b/6462ded54dfa5babd4b5eaa9/?type=overlapping&fid=e31d981f0adb674e0a0ec29afe56d6fb&fidnoua=1cf3f5c7c63989a278b8557547d1d331&source=https%253A%252F%252Ffreetrx.fun%252Fftrx%252F&sourceid=871127111941&pageViewUuid=f807a1ec-ad76-41b3-a77b-35323a9018e5&version=1686926234535
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:807 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d83ca25ed123627-FRA
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7u%2F6a3nelEnGAUwZUzCF5%2Fh%2FZ%2FiWPQFYPqorT9DKK8tDFPU3017y0BD7niwZTIMyxPcFV3gIJvK4pXAF3uRXW8ZItvaF9eLMe2co0CfwbcGZhuUTLOxDIZyQ4rixmIjl925i6Ep9lLPbQbk"}],"group":"cf-nel","max_age":604800}

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 3083 22 KB
9 KB 47ms
44ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8931
x-xss-protection: 0
server: cafe
etag: 12022837384336330993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Jun 2023 23:17:33 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 89A1 143 B
166 B 43ms
41ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.freetrx.fun&adk=36377878&adf=3271003695&pi=t.ma~as.www.freetrx.fun&w=300&lmt=1686926233&url=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686926233329&bpp=1&bdt=562&idt=213&shv=r20230614&mjsv=m202306080101&ptt=5&saldr=sd&abxe=1&prev_slotnames=www.freetrx.fun_footer_728x90&correlator=6555478906997&frm=20&pv=1&ga_vid=1576126448.1686926234&ga_sid=1686926234&ga_hid=1263145369&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=2857&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075067%2C44788442%2C31075280%2C44791046&oid=2&pvsid=3994702489873707&tmod=108516072&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=p46pTxqA9z&p=https%3A//freetrx.fun&dtd=226
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 14:16:31 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 3083 3 KB
1 KB 57ms
54ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Jun 2023 23:17:33 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 3083 19 KB
8 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Jun 2023 17:39:30 GMT

GET
H2 200 / Show response
cdn.bmcdn5.com/p/6462ded54dfa5babd4b5eaa9/ Frame 1E5F 620 B
578 B 152ms
151ms Document
text/html 2606:4700:20::681a:807
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn5.com/p/6462ded54dfa5babd4b5eaa9/?source=https%253A%252F%252Ffreetrx.fun%252Fftrx%252F&sourceid=871127111941&ent=&we=0&fid=e31d981f0adb674e0a0ec29afe56d6fb&fidnoua=1cf3f5c7c63989a278b8557547d1d331&impid=3720e98c-b575-4f47-91af-5180a5bfc6c9&sessionId=d6dd78a5-6114-4473-b1b1-361bf31e2564&pageViewUuid=f807a1ec-ad76-41b3-a77b-35323a9018e5&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F114.0.5735.133%2520Safari%252F537.36&sig=0x00000&blocksubid=1
Requested by: Host: cdn.bmcdn5.com
URL: https://cdn.bmcdn5.com/js/source/871127111941.js?v=1.0.14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:807 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f85e41d9e1647f47a98a6ed8d82a4e316c984fd573a42843a2be2834c938904c

Request headers

Referer: https://freetrx.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-encoding: gzip
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7d83ca264d833627-FRA
content-encoding: br
content-type: text/html
date: Fri, 16 Jun 2023 14:37:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9r2jQ3i%2FpeomR778plCj8rOqbC94kXDqSdO%2BUoRdadzo%2F%2Fk3%2BKNj3yj1eUIjsNf133%2BwTXIBVY%2BE%2BTIomY%2F0X0dgB24lyKPj3L1QKo%2BRHSln4QCv6CqiFxi5d1x6RVaZNLONNMusbDFFMFw"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 /
cdn.bmcdn5.com/pb/549c2a8985476a49566aab3b/6462ded54dfa5babd4b5eaa9/ 0
265 B 115ms
114ms Image
text/plain 2606:4700:20::681a:807
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bmcdn5.com/pb/549c2a8985476a49566aab3b/6462ded54dfa5babd4b5eaa9/?type=overlapping&fid=e31d981f0adb674e0a0ec29afe56d6fb&fidnoua=1cf3f5c7c63989a278b8557547d1d331&source=https%253A%252F%252Ffreetrx.fun%252Fftrx%252F&sourceid=871127111941&pageViewUuid=f807a1ec-ad76-41b3-a77b-35323a9018e5&version=1686926234589
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:807 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d83ca264d813627-FRA
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPW4oY022d9BBSQxc8uy9fYl3K3TrnnY2ns7%2BZfPAtAa%2FDin2LGOtFISCZqoALOgTCwEiG%2BMjNR6fVQ0BX%2BWEJuf3Gngrpqp0CE%2Bj6XvBWoY2CmLhgDDlPVJGI29Yx5AbB0EFGIfSM3D9VpS"}],"group":"cf-nel","max_age":604800}

POST
H/1.1 200
OK l
ss.mndsrv.com/ 0
193 B 131ms
130ms Ping
application/octet-stream 199.241.100.27
MOJOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://ss.mndsrv.com/l?afEOjGj9Z85shC68duor5kCqGrdrrj%2F2V44%2F0UqPO7sP8GrqLe9Em0r6CplTgwq2R%2FxehnmV
Requested by: Host: ss.mndsrv.com
URL: https://ss.mndsrv.com/ctatic/e774fe94-d8a1-461d-bb9b-164c8b1bf98f.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.241.100.27 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS: cs2196.mojohost.com
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 16 Jun 2023 14:37:14 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 809E 6 KB
3 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 16:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 16 Jun 2023 16:38:02 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 809E 34 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 17 Jun 2023 01:47:45 GMT

GET
H2 200 ff9108aab92238a15fb73619298775f3.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/ Frame 809E 82 KB
24 KB 38ms
37ms Script
application/x-javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/ff9108aab92238a15fb73619298775f3.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e82a7b71089b7cf96089fe5b22e139dbba36297d28cfa8d0e840e9d116c79c11

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Jun 2023 08:57:16 GMT
age: 20398
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24088
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 09:23:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Jun 2024 08:57:16 GMT

POST
H3 200 impression
servicer.adqva.com/ 0
0 498ms
497ms Ping
text/html 2606:4700:3035::ac43:97b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adqva.com/impression
Requested by: Host: servicer.adqva.com
URL: https://servicer.adqva.com/native/15609?pageUrl=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F&language=en&refererUrl=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:97b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freetrx.fun/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary84Q3OutGehhb1397

Response headers

GET
H2 200 track Show response
795bb4615e.3cbc749ccf.com/in/ 0
207 B 111ms
56ms XHR
text/plain 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://795bb4615e.3cbc749ccf.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI5NDIwNjYxNTM5MjE0ODQ0MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuNTguMCIsInRhZ19pZCI6ODQwOTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdGMvVW5rbm93biIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjY2LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJGYXVjZXQlMkNJbnN0YW50JTJDUGF5b3V0JTJDWm9uZSUyQ0ZUUlglMkNGYXVjZXQifQ==
Requested by: Host: 9186bf9778.cca63f7d30.com
URL: https://9186bf9778.cca63f7d30.com/cc70209f1eaf9fa3bbb92ba659f121cc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 14:37:14 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 cookies Show response
ntvpwpush.com/dl/ Frame 7934 620 B
654 B 85ms
25ms Document
text/html 2a01:4f8:c0:2343::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ntvpwpush.com/dl/cookies
Requested by: Host: 9186bf9778.cca63f7d30.com
URL: https://9186bf9778.cca63f7d30.com/cc70209f1eaf9fa3bbb92ba659f121cc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:c0:2343::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 252020519b9481bc71c10e8ba9fc22d687d4718b5dde817ce56b6e26b0353076

Request headers

Referer: https://freetrx.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html
date: Fri, 16 Jun 2023 14:37:14 GMT
pragma: no-cache
server: nginx/1.20.1
vary: Origin

GET
H2 200 build.js Show response
js.canstrm.com/in-stream-ad-admanager/ 21 KB
7 KB 68ms
14ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.canstrm.com/in-stream-ad-admanager/build.js
Requested by: Host: 9186bf9778.cca63f7d30.com
URL: https://9186bf9778.cca63f7d30.com/cc70209f1eaf9fa3bbb92ba659f121cc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7bf6a15ffbbb990860172cde63d3ddd4763bbf066ef48e2cebac8290810046d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Fri, 16 Jun 2023 14:42:14 GMT
date: Fri, 16 Jun 2023 14:37:14 GMT
content-encoding: gzip
last-modified: Fri, 16 Jun 2023 14:27:21 GMT
server: nginx/1.18.0
etag: W/"648c7149-53b3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 rules-p-cJsduNRegvC-s.js Show response
rules.quantcount.com/ 160 B
633 B 74ms
20ms Script
application/javascript 2600:9000:223c:ae00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-cJsduNRegvC-s.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ae00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6eeced513e69e1ac89ce78dcf11108ee15d4a0e3ac647ffaefa8cc8d729059c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:19:24 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1071
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:17:49 GMT
server: AmazonS3
etag: "afa54eedc608b365bbc9eab8bd1ca4e2"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 7JFXYLcjSPV6c0jlYydRToxtW2-DUrc-v8d4DVgCxo8Fkc7ExrYx8w==

GET
H2 200 rules-p-cJsduNRegvC-s.js Show response
rules.quantcount.com/ Frame 7323 160 B
632 B 66ms
20ms Script
application/javascript 2600:9000:223c:ae00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-cJsduNRegvC-s.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ae00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6eeced513e69e1ac89ce78dcf11108ee15d4a0e3ac647ffaefa8cc8d729059c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:19:24 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1071
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:17:49 GMT
server: AmazonS3
etag: "afa54eedc608b365bbc9eab8bd1ca4e2"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: NriyVqwm5ztpCqgW6F5qfDAE9P8Og05kc1yWIWHDYGpCEqkt05gs4Q==

GET
H2 204 p
ic.tynt.com/b/ 0
228 B 333ms
102ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4yeqx3f6zb&lm=0&ts=1686926234691&dn=TC&iso=0&pu=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F&t=Faucet%20Instant%20Payout%20Zone%20%7C%20FTRX%20Faucet&chmob=0
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Fri, 16 Jun 2023 14:37:14 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 cmp-list.json Show response
test.cmp.quantcast.com/GVL-v2/ 10 KB
3 KB 96ms
20ms XHR
application/json 2600:9000:225e:8400:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=hbagency.it
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8400:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4af737f0d9b4d0f7ea8d3bdedef8cca3498b08c1acb62e0b7fe212a751a2f8c3

Request headers

Accept: application/json, text/plain, */*
Referer: https://freetrx.fun/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 03:00:38 GMT
x-amz-version-id: s6Ju_WHEbdan68573EJruHoJQf_Z4hyo
content-encoding: gzip
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 41797
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 13 Jun 2023 19:52:29 GMT
server: AmazonS3
etag: W/"926ae1991ac38eff5686021d18d78eac"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: k9Q6KZl1oilDS6SNB51UXHuYHG2q8eGSfcm4YGziRkBX_eAv8Clx3w==

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 89A1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

232ms
232ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 14:37:15 GMT
expires: Fri, 16 Jun 2023 14:37:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 14:37:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3083 178 KB
56 KB 113ms
97ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Jun 2023 14:37:14 GMT

GET
DATA 200
OK truncated
/ Frame 3083 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4ecd51f989ba54fcb5e250a48bc51a71b7a8af892039ac22c14544efa12d227

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 8b400d5748182b8979b2352372ae7e58.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/ Frame 809E 9 KB
10 KB 29ms
29ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/8b400d5748182b8979b2352372ae7e58.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a32d199c7a1da6a9caa2921025843c48c8a57d39fac661b596e9b9ca79098bc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 16 Jun 2023 10:12:57 GMT
x-content-type-options: nosniff
age: 15857
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9712
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 09:23:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Jun 2024 10:12:57 GMT

GET
H3 200 40149bfb2cd2b215faba11275921ee77.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/ Frame 809E 10 KB
10 KB 31ms
30ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/40149bfb2cd2b215faba11275921ee77.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08b3915e89a975cbdfc69129e80e7f13191a09aa940696aa3de726eb3d943a53

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 16 Jun 2023 08:30:11 GMT
x-content-type-options: nosniff
age: 22023
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10283
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 09:23:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Jun 2024 08:30:11 GMT

GET
H3 200 8cec4b784ec3bdb7991d752cc2fc30c7.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/ Frame 809E 10 KB
10 KB 45ms
44ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/8cec4b784ec3bdb7991d752cc2fc30c7.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d12e091388496d7bca308a2fd40b5984e99c854246bff3164d29506756aec74

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 16 Jun 2023 10:12:57 GMT
x-content-type-options: nosniff
age: 15857
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9999
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 09:23:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Jun 2024 10:12:57 GMT

GET
H3 200 24f525273ba76ffeca1bdf6cb570ef33.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/ Frame 809E 10 KB
10 KB 36ms
35ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/24f525273ba76ffeca1bdf6cb570ef33.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea99ff0c6eca23b9ffe62d1fa2fc6654edd7b284a51062c2335243b339c3b6e4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 16 Jun 2023 07:42:58 GMT
x-content-type-options: nosniff
age: 24856
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10588
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 09:23:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Jun 2024 07:42:58 GMT

GET
H2 200 img.css
static.bmcdn5.com/css/ Frame 182F 27 KB
15 KB 49ms
31ms Stylesheet
text/css 2606:4700:20::681a:807
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bmcdn5.com/css/img.css?v=v1.25.18
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:807 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71b58c684e74f8b8a72eeab2d19b447554b3245f65c7331b7a518f4a2bee555f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 11:07:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6849
etag: W/"6399ae7d-6a64"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lX4vG87FHCjg7FzZSu5imEr%2FQCNInvE0pDpmOc%2FVYJmUbxXDpUac6Nknk2BBidjrjFjdRhrgVzwJjWoMe1gXM9u4ruFS0AcsRlHVeucaSrs3hJhSSiofI0mU3Un0j%2FSgsmXsf4TUoq4uavQAXP51"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7d83ca277ef33627-FRA

GET
H2 200 r_w336h280.gif
static.bmcdn5.com/img/r/ Frame 182F 243 KB
244 KB 51ms
33ms Image
image/gif 2606:4700:20::681a:807
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bmcdn5.com/img/r/r_w336h280.gif?v=v1.25.18
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:807 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a98a819a8492ffd0f399a8e454db87a44835e50bf38d7220b5ef7e373fd3f6d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:14 GMT
cf-cache-status: HIT
last-modified: Wed, 22 Jun 2022 16:11:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3019
etag: "62b33f1d-3cd93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEER8qhtVwpvS8l3OKpXhfVThr06DzctJozt9F5VguosOeyoqqFUdWFUtlTikDhcuDGPb5xurAgyBY4F4TwNPJcza60jGx1YQPwGh1oyNW9Blclj4xz3GrxZp9tXU9BJyqNcpmugSKH0XercdC3V"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d83ca277ef63627-FRA
content-length: 249235

GET
H2 200 clickadilla-vast.min.js Show response
js.canstrm.com/pb/downloads/latest/ 139 KB
44 KB 18ms
18ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.canstrm.com/pb/downloads/latest/clickadilla-vast.min.js
Requested by: Host: js.canstrm.com
URL: https://js.canstrm.com/in-stream-ad-admanager/build.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: c5046fb759e8845a518bd28e9396435e82493fa071c107b822f4ef441fb63a99

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Fri, 16 Jun 2023 14:42:14 GMT
date: Fri, 16 Jun 2023 14:37:14 GMT
content-encoding: gzip
last-modified: Fri, 16 Jun 2023 14:27:21 GMT
server: nginx/1.18.0
etag: W/"648c7149-22c55"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 cmp2ui-en.js Show response
cmp.quantcast.com/tcfv2/47/ 248 KB
61 KB 24ms
24ms Script
text/javascript 2600:9000:2240:ba00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/47/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=hbagency.it
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:ba00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b814d02958e339eaad22839ea7a29d3ade9071a5e9df9ce065def22ab595936

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 03:19:24 GMT
content-encoding: br
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 127071
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Fri, 19 May 2023 14:04:10 GMT
server: AmazonS3
etag: W/"556bc7ca21432cc0628ff6f67a5e09bc"
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: AyYKxVdnejsHM9zJzWlzuju_WndsGCnhqHWB-WbVYEy8T_kqTHeb_w==

GET
H2 200 vendor-list-trimmed-v1-tmp.json Show response
cmp.quantcast.com/GVL-v2/ 353 KB
43 KB 71ms
25ms XHR
application/json 2600:9000:2240:ba00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1-tmp.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=hbagency.it
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:ba00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0f3143f3ecea93e92391e08de3461a779d9c5094241779ccf1b57665a081133

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 03:00:37 GMT
content-encoding: br
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 41798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Fri, 19 May 2023 13:17:10 GMT
server: AmazonS3
etag: W/"3bbcdaed7cdab54742c76eb6b3acaff4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: u_etZWUjrsxNFriODj-RXJZHW0gs7GWp5uFaMGuSlnZ8zH8MwwQHRQ==

GET
H2 200 google-atp-list.json Show response
cmp.quantcast.com/tcfv2/ 151 KB
35 KB 91ms
46ms XHR
application/json 2600:9000:2240:ba00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=hbagency.it
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:ba00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b

Request headers

Accept: application/json, text/plain, */*
Referer: https://freetrx.fun/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 03:00:28 GMT
content-encoding: br
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 41807
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 16 Jun 2023 03:00:26 GMT
server: AmazonS3
etag: W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: CISUzcaMg6a3NWiC4pFupBMSXAeXxAJPPmeSYx6V_iIfnaGXIF54rA==

GET
DATA 200
OK truncated
/ Frame 182F 10 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f24251f2c97427d7777234c44a9493d33c22682e2dde22bd1f4f4c87dc766aeb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 182F 8 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 103a02e7d27f4a02b014b9b0270378a3235fe387432a0bd8b922211fe0d16c5f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 img.css
static.bmcdn5.com/css/ Frame 3ABA 27 KB
15 KB 38ms
37ms Stylesheet
text/css 2606:4700:20::681a:807
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bmcdn5.com/css/img.css?v=v1.25.18
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:807 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71b58c684e74f8b8a72eeab2d19b447554b3245f65c7331b7a518f4a2bee555f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 11:07:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6849
etag: W/"6399ae7d-6a64"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwl%2Fnid0Vz%2BNw9Lk%2FyqO6Sq1IUlBgHZMdozE%2FLSLmA2IKgQz1FqMdtw8mt3eQogD%2BlPfSkMentOo%2F%2FLsTPtRGs9dDTdLXpPTgAv9q2Q9ltmJWRSFKwb5KGf7wOgm5M7ZlSloq44j6TDLqrS6gcMV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7d83ca281fce3627-FRA

GET
H2 200 r_w336h280.gif
static.bmcdn5.com/img/r/ Frame 3ABA 243 KB
244 KB 27ms
26ms Image
image/gif 2606:4700:20::681a:807
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bmcdn5.com/img/r/r_w336h280.gif?v=v1.25.18
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:807 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a98a819a8492ffd0f399a8e454db87a44835e50bf38d7220b5ef7e373fd3f6d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:14 GMT
cf-cache-status: HIT
last-modified: Wed, 22 Jun 2022 16:11:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3019
etag: "62b33f1d-3cd93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exmd4DDJ3dZklG9F4zYZr4TxsKl5cT3tuzWsxxQGdYOstrt6%2BDDEum0DjNQlS3y%2B1P6XPRfBB6MCm2WjHT1J3uAAEZqgrtmKYJIBWgAYYG3PeqdP%2BC2XIVrKH7pQwUqrhXFdyoDSI94KBcK%2FnswH"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d83ca281fd03627-FRA
content-length: 249235

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 86ms
23ms Preflight 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=84095
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://freetrx.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://freetrx.fun
Connection: keep-alive
Date: Fri, 16 Jun 2023 14:37:14 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 28 B
400 B 150ms
93ms XHR
application/json 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=84095
Requested by: Host: 9186bf9778.cca63f7d30.com
URL: https://9186bf9778.cca63f7d30.com/cc70209f1eaf9fa3bbb92ba659f121cc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 1bc700d32be90dfa5d34daebe9871de7ad23439b20172d6bfe273b47ce08cae5

Request headers

Referer: https://freetrx.fun/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 16 Jun 2023 14:37:15 GMT
Server: nginx/1.20.1
Vary: Origin
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://freetrx.fun
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 28

GET
H3 200 da5ac621e001036fab2963ebddbcf494.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/ Frame 809E 9 KB
9 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/da5ac621e001036fab2963ebddbcf494.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

462bfb2a11aeef0c1c5c88861f3d9d56711256810f7290056f13b53c4eae6e1e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 15 Jun 2023 15:45:13 GMT
x-content-type-options: nosniff
age: 82321
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8720
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 09:23:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Jun 2024 15:45:13 GMT

GET
H3 200 5dee159f9bcad7dc96d370a13e7bfddb.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/ Frame 809E 9 KB
9 KB 27ms
26ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/5dee159f9bcad7dc96d370a13e7bfddb.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffa1ba6ffe17da339de304d3672c86df235b1872ac08abb48c1e0a52f6a26995

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 16 Jun 2023 03:57:31 GMT
x-content-type-options: nosniff
age: 38383
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8877
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 09:23:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Jun 2024 03:57:31 GMT

GET
H3 200 1a6a73d93237b1c517db9d299f651335.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/ Frame 809E 6 KB
6 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/1a6a73d93237b1c517db9d299f651335.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06e2d106cc61d385386d46603bf20c19b090c3710d649fcd563433fa63f9d810

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 15 Jun 2023 12:47:59 GMT
x-content-type-options: nosniff
age: 92955
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5948
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 09:23:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Jun 2024 12:47:59 GMT

GET
H3 200 a319d44db7634e699897079b5c1789f5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/ Frame 809E 10 KB
11 KB 23ms
22ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/a319d44db7634e699897079b5c1789f5.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74f7db1c98d42be3145c1ba9988d5d59d072a87785c243ab6d56f35b4022ef6e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 16 Jun 2023 06:20:23 GMT
x-content-type-options: nosniff
age: 29811
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10732
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 09:23:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Jun 2024 06:20:23 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
327 B 339ms
104ms Script
application/javascript 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!4yeqx3f6zb&dn=TC&cc=1&chmob=0&r=&pu=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Fri, 16 Jun 2023 14:37:14 GMT
cache-control: max-age=86400
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 4
expires: Sat, 17 Jun 2023 14:37:15 GMT

GET
H2 200 / Show response
audit-tcfv2.cmp.quantcast.com/ 2 B
101 B 82ms
19ms XHR
text/plain 18.198.226.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22cJsduNRegvC-s%22%2C%22domain%22%3A%22freetrx.fun%22%2C%22publisher%22%3A%22hbagency.it%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.47%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22LGDgJWUxtd52IEw3CY2J%2FA%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1686926235028%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-wudg66tpeuwcpoe5mwaf%22%7D
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/47/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.226.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-226-87.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://freetrx.fun/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 16 Jun 2023 14:37:15 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ 237 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db091352fcaa3462cce0ff4e640ff4e7c00fe32c076340c600f934498cc34ff3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 3ABA 10 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f24251f2c97427d7777234c44a9493d33c22682e2dde22bd1f4f4c87dc766aeb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3ABA 8 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 103a02e7d27f4a02b014b9b0270378a3235fe387432a0bd8b922211fe0d16c5f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 105ms
105ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4yeqx3f6zb&lm=0&ts=1686926234691&dn=TC&iso=0&pu=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F&t=Faucet%20Instant%20Payout%20Zone%20%7C%20FTRX%20Faucet
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Fri, 16 Jun 2023 14:37:15 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame 809E 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 23:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jun 2024 23:17:37 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 105ms
105ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4yeqx3f6zb&lm=0&ts=1686926234691&dn=TC&iso=0&pu=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Fri, 16 Jun 2023 14:37:15 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 106ms
106ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4yeqx3f6zb&lm=0&ts=1686926234691&dn=TC&iso=0&pu=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Fri, 16 Jun 2023 14:37:15 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 106ms
105ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!4yeqx3f6zb&lm=0&ts=1686926234691&dn=TC&iso=0&pu=https%3A%2F%2Ffreetrx.fun%2Fftrx%2F
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/ftrx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Fri, 16 Jun 2023 14:37:15 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

HEAD
H3 200 slider_right.js
cryptocoinsad.com/ads/js/ 0
0 79ms
36ms Fetch
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptocoinsad.com/ads/js/slider_right.js
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/ourtecads/AntiAdblock@aff5230f61c60d6dc24a1ac69a40d2ebf3f65593/aab.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 11:54:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1015
etag: W/"61f52b0b-60c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZwUi1u%2B9eUQhXLmjOmGaEvlBvSbbyYYWz36nBMlCJJxOsD7M2PTqfsF27H7VBrvbDPNG8%2FQfGQACmJR2EFByNiuliqMOulawHlBVGi3%2BNHdKXCErBOXAYVGlQFZWnD7rgpKPue9pl%2Boc6wXYg4K4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=10800
cf-ray: 7d83ca2c69723648-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 net.js Show response
static.surfe.pro/js/ 4 KB
3 KB 30ms
29ms Script
application/javascript 2606:4700:3031::6815:2dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.surfe.pro/js/net.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/ourtecads/AntiAdblock@aff5230f61c60d6dc24a1ac69a40d2ebf3f65593/aab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:2dfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5b7cca93edaff23020330b201d45def46d287db5da3a1222bf0875958a9adeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1375
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Mar 2023 14:25:26 GMT
server: cloudflare
etag: W/"64186cd6-1100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iiDNtXNUl%2Bv4rkx%2FKNlJMv0oAqyzgSN2QoDr%2Fa%2FIxZwu6vNpyLXUcfRV%2BwEyNOyPrv0nP0qkHQrNT%2Fnl92%2BBZGEYCRtb6rVhUSeGNd3ZHDTbbTF8L40CWnVq%2Bk2ZhcpKm1qRKMqr9vF0Lyt1bdkT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=(),geolocation=(self), camera=()
cf-ray: 7d83ca2c2ee72c52-FRA

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 112ms
71ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230614&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

111753909b1ff79010b3b68264ddd5096e7fa537b7417f6c614b686faaabcdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11142
x-xss-protection: 0

POST
H2 200 teaser Show response
rt183.surfe.pro/net/ 0
399 B 26ms
26ms XHR
text/html 176.9.28.133
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rt183.surfe.pro/net/teaser?sid=1&w=0&seed=10168487854930652&doc_ref=&href=aHR0cHM6Ly9mcmVldHJ4LmZ1bi9mdHJ4Lw==
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 176.9.28.133 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.133.28.9.176.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freetrx.fun/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 16 Jun 2023 14:37:15 GMT
content-encoding: gzip
server: nginx
speed-04: site-notfound - 0.0021810531616211
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://freetrx.fun
sb-error: Unknown origin host freetrx.fun
access-control-allow-credentials: true
speed-03: site-inited-view - 0.0021770000457764
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
speed-02: preload - 0.0014410018920898

POST
H2 200 teaser Show response
rt183.surfe.pro/net/ 0
399 B 26ms
25ms XHR
text/html 176.9.28.133
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rt183.surfe.pro/net/teaser?sid=1&w=0&seed=09603875820614838&doc_ref=&href=aHR0cHM6Ly9mcmVldHJ4LmZ1bi9mdHJ4Lw==
Requested by: Host: freetrx.fun
URL: https://freetrx.fun/ftrx/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 176.9.28.133 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.133.28.9.176.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freetrx.fun/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 16 Jun 2023 14:37:15 GMT
content-encoding: gzip
server: nginx
speed-04: site-notfound - 0.0021390914916992
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://freetrx.fun
sb-error: Unknown origin host freetrx.fun
access-control-allow-credentials: true
speed-03: site-inited-view - 0.0021350383758545
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
speed-02: preload - 0.0014619827270508

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 14:37:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EBF3 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freetrx.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 55180
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 23:17:35 GMT
expires: Fri, 14 Jun 2024 23:17:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2A80 783 B
971 B 36ms
35ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d877a0b297013c95a0c6bf59c502a3d5f1e61f20d64e307dbead9b09d954c75c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZJ3jW1O_iFwPpUO2SLc25A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freetrx.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-ZJ3jW1O_iFwPpUO2SLc25A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 14:37:15 GMT
expires: Fri, 16 Jun 2023 14:37:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame EBF3 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 23:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jun 2024 23:17:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2A80 0
0 54ms
54ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230614&jk=3994702489873707&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EBF3 0
10 B 19ms
18ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jdS3Mw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:37:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
56ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230614&jk=3994702489873707&bg=!qaqlqv7NAAaGYqkwpmI7ADkAdvg8WqpU7JtpHxrqfddedBxEFOxpguOEd1exoxb7VHIp4l9SUz2TczesqGtsW2X7fmjMHQ3X0j8CAAAAWFIAAAAEaAEHmQLlJ7cPznsZPAR6X-km3ESXWYS-yQpeTJMQqGcKTJIcy0b7gno4Kmec3dIFhauXORTiSPUVoDdRJhztfwCtkIzFhZCAVUerz1J0shBvJ6U6Gvdv91fxgIWErQz7gQBcz43MZFsBVHnX8GTPa72oEh1W35HNi6u4QLKGZJPugnuci6Oo5LXruDpFgHz5MA9NnHJSuBBXxcPnyqBD_CRKK_pk08VVuJOaqB2Bwo0alLg9zmPV5FMBmP1Pkdpy1BX95W38qyxWvS7JkKBBobQEPEzgA0sI0zw71AAhn9F1ma9UsFOS3CAN0zRH1MZBFHgFQTEB-mD_rqQS2fiQS_0ZNkziE0oxjXpMbkJxaiDLfehvT4yeteuJ020GK-Gmm2CCVnO_PToEOvGS2EPb1c72QPLQHV8T63bx_IquqTXKjiJBV1AlUBkLlG3HWJdC23DnQRz-oG7sa-GF7yoec-oVMSFGDOtVLkzMqEygCc0F-sD6s-LBk8a0rYyc8l_OV5kaQWk5i-EUytPF_Eu5J0sAyKIdjhIDkWq5-XTI2Dmt2fR0HGFbOKAEPpyfrrutE5MdbF74Tslx4LK1BbaiboXmkWmlcJOTdyrRLBeQjCTZ8156EcM-fFrbjJdL6mJgwHq-Ix3GtJyvkbbIMO-ihZzpw38DFCKPfB03XHU5enGa8a1SFlo1R51JuU-OTgjbBezc052o2JDGMFb4ycL4lP-car69MxMsD6OxiLtzbVFtor1Mttghls42aYt-LfCVIBM6CC2W8pjFECCcB93IM2-6drznh_LjyEmekQo3J7_VMxlXwFq7_Uf8EQ1ACzFObKZHzSJ9AAVaMMFu0hMf9EDBk2e64SID73z0XQiKnuCK8DO1AdUHhVbo8A9vjuMGQXyTZ-_LSWG36wdxyE-5kSPiBfy4a6p5__Vice5_o_VFVfpXar4DPHCItZvdr5Rgc_aC3iKXbp1L0pEAxo1gzJkU3aqzaYDtMBTL
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freetrx.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 ab5178f2ada47dac0d3762936662c70c.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/ Frame 809E 10 KB
10 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/ab5178f2ada47dac0d3762936662c70c.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a294fb01e23f26937037c04f35db5072ff1c004eaf22c570fc09f4d301fdd97

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 16 Jun 2023 00:00:39 GMT
x-content-type-options: nosniff
age: 52598
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9751
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 09:23:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Jun 2024 00:00:39 GMT

GET
H3 200 f56b9872a6e7f631a6e11be3a2ef3367.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/ Frame 809E 12 KB
12 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/f56b9872a6e7f631a6e11be3a2ef3367.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81aa9f088b7206f94b41f98462ef20e8478d02987773eece00e2d2a68ecb89ee

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 16 Jun 2023 01:45:33 GMT
x-content-type-options: nosniff
age: 46304
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12614
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 09:23:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Jun 2024 01:45:33 GMT

GET
H3 200 6de03723bf6b85205512e3cb99cbeb01.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/ Frame 809E 11 KB
11 KB 25ms
25ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/6de03723bf6b85205512e3cb99cbeb01.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e725e33322470b6c14a941cdb66b02d1252e93736456e18d7ba2212a352fc5e0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 16 Jun 2023 06:20:26 GMT
x-content-type-options: nosniff
age: 29811
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11097
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 09:23:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Jun 2024 06:20:26 GMT

GET
H3 200 2250591e63998890262e557544440042.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/ Frame 809E 5 KB
5 KB 21ms
21ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4407217601433664615/media/2250591e63998890262e557544440042.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1da3d65a8ddd75e83893887530e36d723e300b1fb28fb377e5c2e9dcf021122b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 16 Jun 2023 08:45:39 GMT
x-content-type-options: nosniff
age: 21098
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5063
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 09:23:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Jun 2024 08:45:39 GMT

Verdicts & Comments Add Verdict or Comment

346 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
freetrx.fun/	1970-01-20 12:35:33	Name: ci_session Value: 5ad38d6d099039080922b073ae351b2d470acae9
.dtscout.com/	1970-01-20 12:35:31	Name: m Value: 1
.dtscout.com/	1970-01-20 12:35:40	Name: oa Value: 1
.dtscout.com/	1970-01-20 14:59:26	Name: df Value: 1686926233
.freetrx.fun/	1970-01-20 14:45:02	Name: _gcl_au Value: 1.1.1515515999.1686926233
.doubleclick.net/	1970-01-20 12:35:27	Name: test_cookie Value: CheckForPermission
.freetrx.fun/	1970-01-20 12:35:28	Name: __cf_bm Value: gOsc8_fN9A2LwBIymgJptaWNqW_lsB8ZcWSr_wckN0o-1686926233-0-AV8QoiKDz2rZa+LwhTYyQDHpOXXIvEm6F5BLVXCsUNso2yvMfkv5hMb8HGBtouP80Q==
.freetrx.fun/	1970-01-20 21:57:02	Name: __gads Value: ID=74e6e7b513da15a9-22c3cd9c99e10010:T=1686926233:RT=1686926233:S=ALNI_MbhNxkHCaBytzoySg2D-GKCMnjUrQ
.freetrx.fun/	1970-01-20 21:57:02	Name: __gpi Value: UID=00000c4fd09cedaa:T=1686926233:RT=1686926233:S=ALNI_MYIp9mtZg8P-TcubI2njWVH97yhOA
freetrx.fun/	1970-01-20 22:11:26	Name: bitmedia_fid Value: eyJmaWQiOiJlMzFkOTgxZjBhZGI2NzRlMGEwZWMyOWFmZTU2ZDZmYiIsImZpZG5vdWEiOiIxY2YzZjVjN2M2Mzk4OWEyNzhiODU1NzU0N2QxZDMzMSJ9
ntvpwpush.com/	1970-01-20 13:18:38	Name: fp Value: null
ntvpwpush.com/	1970-01-20 13:18:38	Name: refdomain Value:
ntvpwpush.com/	1970-01-20 13:18:38	Name: mm Value: false
ntvpwpush.com/	1970-01-20 13:18:38	Name: gyr Value: 0
ntvpwpush.com/	1970-01-20 13:18:38	Name: ad_tags Value: Faucet%2CInstant%2CPayout%2CZone%2CFTRX%2CFaucet
ntvpwpush.com/	1970-01-20 13:18:38	Name: tag_ab Value: b
ntvpwpush.com/	1970-01-20 13:18:38	Name: timezone Value: 0
ntvpwpush.com/	1970-01-20 13:18:38	Name: utm1 Value:
ntvpwpush.com/	1970-01-20 13:18:38	Name: utm2 Value:
ntvpwpush.com/	1970-01-20 13:18:38	Name: utm4 Value:
ntvpwpush.com/	1970-01-20 13:18:38	Name: accel Value: 0
ntvpwpush.com/	1970-01-20 13:18:38	Name: screen_resolution Value: 1600x1200
.doubleclick.net/	1970-01-20 12:35:29	Name: DSID Value: NO_DATA
fp.metricswpsh.com/	1970-01-20 21:21:02	Name: id Value: 14557534973545894187

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://tags.orquideassp.com/tag/11545 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.orquideassp.com/tag/11545 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://tags.orquideassp.com/tag/9362 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://tags.orquideassp.com/tag/11539 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.orquideassp.com/tag/11539 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

795bb4615e.3cbc749ccf.com
9186bf9778.cca63f7d30.com
acceptable.a-ads.com
adservice.google.com
audit-tcfv2.cmp.quantcast.com
boot.pbstck.com
cdn.bmcdn5.com
cdn.jsdelivr.net
cdn.pbstck.com
cdn.tynt.com
cdnjs.cloudflare.com
claim.fun
cmp.quantcast.com
cp.mndsrv.com
cryptocoinsad.com
d3u598arehftfk.cloudfront.net
de.tynt.com
fonts.googleapis.com
fonts.gstatic.com
fp.metricswpsh.com
freetrx.fun
googleads.g.doubleclick.net
hbagency.it
i.ibb.co
ic.tynt.com
img.adqva.com
js.canstrm.com
js.wpshsdk.com
ntvpwpush.com
pagead2.googlesyndication.com
partner.googleadservices.com
pp.mndsrv.com
quantcast.mgr.consensu.org
rt183.surfe.pro
rules.quantcount.com
s-img.adskeeper.com
secure.quantserve.com
servicer.adqva.com
ss.mndsrv.com
static.bmcdn5.com
static.surfe.pro
supertruco.com
t.dtscout.com
tags.orquideassp.com
test.cmp.quantcast.com
tpc.googlesyndication.com
use.fontawesome.com
waust.at
whos.amung.us
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.pokania.com
www.pokebtc.com
zerads.com
157.90.84.242
162.19.58.159
172.64.151.83
176.9.28.133
176.9.77.232
18.198.226.87
192.0.78.146
199.241.100.27
2600:9000:223c:ae00:6:44e3:f8c0:93a1
2600:9000:223f:b200:1f:946:f000:21
2600:9000:2240:6600:9:46dc:4700:93a1
2600:9000:2240:ba00:9:46dc:4700:93a1
2600:9000:225e:8400:3:a4cd:8380:93a1
2600:9000:2491:ca00:2:e529:700:93a1
2606:4700:10::6816:4aab
2606:4700:10::ac43:1997
2606:4700:20::681a:507
2606:4700:20::681a:807
2606:4700:20::ac43:4427
2606:4700:21::8d65:780a
2606:4700:3030::ac43:b3c9
2606:4700:3031::6815:2dfb
2606:4700:3035::ac43:97b9
2606:4700::6811:180e
2606:4700::6812:82e
2606:4700:e2::ac40:840f
2606:4700:e6::ac40:c021
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:803::2008
2a00:1450:4001:806::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a01:4f8:c0:2343::2
2a02:4780:a:761:0:199c:170d:8
2a04:4e42:400::485
2a06:98c1:3121::3
45.133.44.52
45.133.44.53
67.202.105.31
67.202.105.34
92.204.136.218
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
025a694da100b6f79fd00f9922e6a126b0b479873a8a54ad56bb191cd7a535c4
025c36bce8d03d5331e01b67713aab16f47053358b923633fac5721a4ea9bf14
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
06e2d106cc61d385386d46603bf20c19b090c3710d649fcd563433fa63f9d810
06edb2a0f91c7326150a593b226f04bd1e5c1d8f107e0794753b2f608524073a
073a619dd22d64d0db9f60ef8199b7b216a9efba06a4bc40fd319ebbf3611bc0
08b3915e89a975cbdfc69129e80e7f13191a09aa940696aa3de726eb3d943a53
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0abb0ff2de787bbe7df0008b49a99a09dd5e8eac35a3826cf287f69a44f1b848
0b4e9db6469cd291e6710eb04ba112bd603c9d504bae2af0d3c0896676bad2dc
103a02e7d27f4a02b014b9b0270378a3235fe387432a0bd8b922211fe0d16c5f
111753909b1ff79010b3b68264ddd5096e7fa537b7417f6c614b686faaabcdca
12a96d6aa7b52f5355ecb267c30d60a4124dbd79571b03ab18714d3dd5b532f9
136c5c2d764abed6f0998886a3edd474d74711688dde7a8d90b7e41c42f15648
138d351d33c6d9b7b0cf61e937c3da66b13459ac0f11cc6796a6bb5a8cfa3d44
143ed1a9638431acf4ec165beedf294a67871bd94580d09f01fe41887458ba3b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
188efb3210377ba8f48b43637e08a2f703a0dc95fca0aed4c5b6f4f3dd324151
1bc700d32be90dfa5d34daebe9871de7ad23439b20172d6bfe273b47ce08cae5
1da3d65a8ddd75e83893887530e36d723e300b1fb28fb377e5c2e9dcf021122b
1db231eb61ab4d9a3c523d01727eb4a4bcbe62b5059d383f7910d03e1e2b276c
24b05a7f551a61746572b9c72e45608f295268e9e69bcbb27ffeaa3c2c9669ca
252020519b9481bc71c10e8ba9fc22d687d4718b5dde817ce56b6e26b0353076
26c6b253d74f84feade601e3155b6dea6655e6838dfdd9f0499f9a1387c5bf46
2a4c2efee597e82f8d7476b1ba4d0b96af2c548f65fe0849f08f2d3a2b39cc0c
2dd548f87f1e0c7cc046b0895552a7b4c25bc92c47bb8b9b53081f492241ab76
2dde6b081659ee9b5d2bd6fc1b0463d5daebd60cc5f51db1cdb58f21a5854424
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b
32aae5c43fa382dde29a65f39d86fa0060c44d9dafa9adc7ecc3a0efebd2f75c
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
3605f94c4674b73f60b20d9f3069eca84cc8d3d3370fc91de0cd9bc6d7e44a90
3732c1b69385794cba9a27e536edc67d5763e658e50744a8dc21497897e03059
392ce57102cbbb0a075837c2cd5faa91009369859842c5f6b26acba2820f9bdc
39a8ab5609f4a07be775b1091c2a91b1c8aab955361bd28b1c34da137b2d8063
3d12e091388496d7bca308a2fd40b5984e99c854246bff3164d29506756aec74
444a5df71eb146dcdb605e4ff56b10811f27c31dce28cbf5dee37858f6e577ad
44f8f908467e4a0a3b1b0ca71f6042c67dccebe72de3c82f0824380692093963
462bfb2a11aeef0c1c5c88861f3d9d56711256810f7290056f13b53c4eae6e1e
4af737f0d9b4d0f7ea8d3bdedef8cca3498b08c1acb62e0b7fe212a751a2f8c3
4b0f43a41a22937586d9dcfb1a83acb9e352846843188049c87613a17f688fbb
505ad707b1e5393e241b2a68ef278ed069d2c685f660d8d166927fd343767787
53082ac01970252c5540950e4460f4a6a76cd0785b28e2baa1c8b9caf08c3c94
53daca580d3f9d8d5ceca8d366e9bf23d952a04ccec7d6321a30813eab1a4084
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5811af6b95ce409b00865c836719791822336e838a1280a36b2323a7732a91ef
5a294fb01e23f26937037c04f35db5072ff1c004eaf22c570fc09f4d301fdd97
5cfe6bd59f0db86d5ca34ef51bb50d954b91e46d4c84b6f7be3ef03e579d3d51
603c57f113e498ba5805cfcafaf70ffb75159203bd32cac9d363b5540a2fb60a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62841916c11c839fde303ac3573a2514637f6de51f8a3d5b7bb47adbdd250575
62abb2acb82a1832beb6f7f01a455cc6101d6593963c744771434fc23cac2266
634bdefb7556c6d66dd18b54785288b3f86b453f791a5a66254779b2bbdd1479
635cbd5c4f2676a4f9287331eddb4fdae18114878cf9f45fefc068922628f368
6500f7835a2323775cb4c894af2f8c7506ab6266809823cd23c1de35e6b63e77
670f6a774e46fdb4672ec410b164f24cf883d5afcb2ef4c88084eb62df070092
6a32d199c7a1da6a9caa2921025843c48c8a57d39fac661b596e9b9ca79098bc
6ab1a51be5b306a14f87e7ad6923911a3620d8cd452b04860860986cabc291af
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b814d02958e339eaad22839ea7a29d3ade9071a5e9df9ce065def22ab595936
6c8f81e139f698036111f532ca695b38184ac78c443b122b81b63eb72aeeeaba
6ca59ef5115f985c9b5070de7bae45d0a1c629540bbcb9a7e6fb68a2389777fd
6e76e8f648d5be7aa7790a3a8d884aaa2d813f4eaa2d32da97edc8ecae87cf2f
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
709aeb9f541d0d14b76b7f0b93fc0d3e2431736b099b2c1b4de92a571d387fdd
71b58c684e74f8b8a72eeab2d19b447554b3245f65c7331b7a518f4a2bee555f
7208300e27f4249d18cd55cb0dfe1a94a362adf6af4309883a6d85595823abcb
739f0b1eed0e422f12edd5dff5a0677e595a95780eb16e2180b7ccf5a5ea70f0
746b795285b8b75c72d73afff7292a7fac46f177f54593339978276cd68dc931
74f7db1c98d42be3145c1ba9988d5d59d072a87785c243ab6d56f35b4022ef6e
757bee2792e9a9d34105e3ebf7fa31e149c93c153adc4212b4a03a811d41bd5b
79c604c6827f6891d0565994ae6fc3ee01e655486bc8ff5f589f05df786455b5
7bf6a15ffbbb990860172cde63d3ddd4763bbf066ef48e2cebac8290810046d7
7e25df8e43cd5cb9c48026af01f0d5c1b2de5e25a5212b8c26a719020e10f8b7
7f044f2ee9a12e9cb79571e1157be389d9ee137211608260596fdb5d7c1fda54
813317bf73afbf03dfc44f7f1c1b14329709b141b4062f82e12f0ae48cdb4149
81aa9f088b7206f94b41f98462ef20e8478d02987773eece00e2d2a68ecb89ee
854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739
8a64910872e140c9fdee68753b9a8a8c6ade93b2e55be7cf91dbcf060b314fe8
8a98a819a8492ffd0f399a8e454db87a44835e50bf38d7220b5ef7e373fd3f6d
9285a80d8ab5865b3c84926cf203f1b3d15667d275a88f64dcfeb83d9ed2d316
99af8158d8126e37f203ccdd03f8de404770639d4911be90fd32f0e10e715e33
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b840e80840dc925b011e8e5dc85ad29af0b3c5d852103b1e578e9c82fa9d31
a649d13dae46d7ac7044b05e17257687096577cc2e3b8ac8990ef48dd8fa6875
ab80f37b78f7b46dd6692610d353a20d410561554adb21605ea24f2b06bdbba1
ad22181291ddb371eb4359ad0c5887c25ece808425f2383011d8c6e7cfa4b71c
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b14ef09e5d084f7cb785998d54d37e486619c9b9527e72776a7c9d2b7e85c828
b1804777ba20dafab3f354093af8b20442bec0eb61b2d34ea8a735a3bfefa278
b448993aabcbe3b62434d2c6611ad5d04bf9e94854c87bc24c914aa7a02c02d3
b9e4783e4958f48e72530af7d3abf338fae673a880dc1a546dd7e499dfd3ee1a
ba77213c3a26f4c5e4e9a9252b72b7d8c9cbffc6bb23efd5961c53486f56d236
bb36670fcbe378e37b5ecc4d239a9e3a84b6dd5ba0617fdfa14b1af8e969b451
bb7dfe59c593e0c564fbd1a53e4cc936c4791e3ffe140471e803fb25f689f7ca
c2cf03ea96115afe0d4018bfc61f664ab1e5c75702542345d9a8aedd42a6f4c9
c47b7f6b678f1a9be54dbc587c3df8900ce1611fff266967a07b91d9809f3659
c4988271486d7942dec3bfcd183a5e9381dcb4cdc3b4a9c4e2ad5b3dcfcb5008
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c4ecd51f989ba54fcb5e250a48bc51a71b7a8af892039ac22c14544efa12d227
c5046fb759e8845a518bd28e9396435e82493fa071c107b822f4ef441fb63a99
ccd818ef2f3cafaf22ffc06e52d0e4a6f9f2f766bf88721b8461a1b71dfc6d77
d0f3143f3ecea93e92391e08de3461a779d9c5094241779ccf1b57665a081133
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d3b4b0b4dc15a09b65a425fff5c8cb734fd4ea3bc2828ef16e7bee8c829174fc
d6eeced513e69e1ac89ce78dcf11108ee15d4a0e3ac647ffaefa8cc8d729059c
d877a0b297013c95a0c6bf59c502a3d5f1e61f20d64e307dbead9b09d954c75c
db091352fcaa3462cce0ff4e640ff4e7c00fe32c076340c600f934498cc34ff3
e119d54f77ab175a1af13b742102c9062ce8db77ac8c104e4beb1246c7bd035f
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e725e33322470b6c14a941cdb66b02d1252e93736456e18d7ba2212a352fc5e0
e82a7b71089b7cf96089fe5b22e139dbba36297d28cfa8d0e840e9d116c79c11
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
e967828146b91def4b3d68fa3fa7d6c069c39a6e713bfea10ba247d010477fa6
ea99ff0c6eca23b9ffe62d1fa2fc6654edd7b284a51062c2335243b339c3b6e4
eb168fe9924e629e2da0b3a2c4c9bbce18ae9d19719cd45572c4c7acb112e30b
eb644f290f0fb1ea074d5a52e431e49cf9fa4adc1b345e7719d0d27a3fe78c9a
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ebc3a7fd60aaed829245b3e010a91bfbd59619f4b302e31151875685cd01cc96
f19f0b839b4f0a879b574e4e49b04995872fc6d8fb88f7cf35d6f21e197a4671
f22061853568d37b9b8f4775622b90ad1a559a4fbbfb22491226f883c1b7fad7
f24251f2c97427d7777234c44a9493d33c22682e2dde22bd1f4f4c87dc766aeb
f28ac64647542f51cc710b676f8dc6c5343ea77247f7c715f8f828dc397c3cce
f5b7cca93edaff23020330b201d45def46d287db5da3a1222bf0875958a9adeb
f85e41d9e1647f47a98a6ed8d82a4e316c984fd573a42843a2be2834c938904c
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1
feaf27fdddabe92bfbbe2a1493c53a3bf017fd225854c3e7c1dd2539da667ea5
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff4c07f1e5cbcfdcfeabb37e8c1dc21d3edc5e3e20edd2d3da16ab5aa22bc600
ffa1ba6ffe17da339de304d3672c86df235b1872ac08abb48c1e0a52f6a26995

freetrx.fun Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

184 Requests

99 %HTTPS

72 %IPv6

43 Domains

55 Subdomains

46 IPs

4 Countries

5222 kBTransfer

8986 kBSize

24 Cookies

1 Outgoing links

Redirected requests

184 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

freetrx.fun Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

184
Requests

99 %
HTTPS

72 %
IPv6

43
Domains

55
Subdomains

46
IPs

4
Countries

5222 kB
Transfer

8986 kB
Size

24
Cookies

184 HTTP transactions
7 data transactions