urlscan.io logo urlscan.io
SecurityTrails logo

cashandfreedom4u.ws Open in urlscan Pro
64.70.19.52  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hdnaxd-gyvl-xyz.cdn.ampproject.org/c/hdnaxd.gyvl.xyz
Effective URL: http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
Submission: On September 02 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 14 domains to perform 41 HTTP transactions. The main IP is 64.70.19.52, located in United States and belongs to CENTURYLINK-LEGACY-SAVVIS, US. The main domain is cashandfreedom4u.ws.
This is the only time cashandfreedom4u.ws was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
hdnaxd-gyvl-xyz.cdn.ampproject.org
cdn.ampproject.org
d2rzfyo6vcbyqa-cloudfront-net.cdn.ampproject.org
1    2600:9000:214f:2000:e:fd13:2480:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2rzfyo6vcbyqa.cloudfront.net
1    51.254.78.230 (Ireland)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-254-78.eu
pejm.2trust.top
2    35.241.19.31 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 31.19.241.35.bc.googleusercontent.com
www.trapnexjet.com
4    64.70.19.52 (United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
PTR: mailrelay.52.website.ws
cashandfreedom4u.ws
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
6    2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
1    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
5    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    104.22.52.65 (United States)

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
9    2.21.36.164 (France)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-36-164.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
api-public.addthis.com
1    104.108.145.172 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-172.deploy.static.akamaitechnologies.com
z.moatads.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:816::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)
graph.facebook.com
2    129.146.196.240 (United States)

ASN31898 (ORACLE-BMC-31898, US)
api-public-oci-origin.addthis.com
Domain Requested by
6 www.youtube.com cashandfreedom4u.ws
6 translate.googleapis.com translate.google.com
translate.googleapis.com
srcdoc
cashandfreedom4u.ws
5 s7.addthis.com 1 redirects cashandfreedom4u.ws
s7.addthis.com
4 cashandfreedom4u.ws cashandfreedom4u.ws
4 cdn.ampproject.org hdnaxd-gyvl-xyz.cdn.ampproject.org
cdn.ampproject.org
2 api-public-oci-origin.addthis.com cashandfreedom4u.ws
2 api-public.addthis.com 2 redirects
2 graph.facebook.com s7.addthis.com
2 www.gstatic.com translate.googleapis.com
cashandfreedom4u.ws
2 www.trapnexjet.com 2 redirects
1 www.google.com cashandfreedom4u.ws
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com cashandfreedom4u.ws
1 translate.google.com cashandfreedom4u.ws
1 pejm.2trust.top 1 redirects
1 d2rzfyo6vcbyqa-cloudfront-net.cdn.ampproject.org
1 d2rzfyo6vcbyqa.cloudfront.net cdn.ampproject.org
1 hdnaxd-gyvl-xyz.cdn.ampproject.org
41 21

This site contains links to these domains. Also see Links.

Domain
website.ws
www.website.ws
freedom.ws
testimonials.ws
udimi.com
www.addthis.com
Subject Issuer Validity Valid
misc-sni.google.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
us-dallas.statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-22 -
2020-10-29		 a year crt.sh
odc-prod-01.oracle.com
DigiCert Secure Site ECC CA-1		 2020-07-22 -
2021-10-13		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2020-01-17 -
2021-03-17		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-08-19 -
2020-11-11		 3 months crt.sh
*.addthis.com
DigiCert SHA2 Secure Server CA		 2019-02-04 -
2021-02-03		 2 years crt.sh

This page contains 12 frames:

Primary Page: http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
Frame ID: AEFF877ADA3506DDE23991D49A3D5F44
Requests: 31 HTTP requests in this frame

Frame: https://d2rzfyo6vcbyqa.cloudfront.net/iframe.html
Frame ID: 11B9849140E885FBDBDCD91CFD9932E1
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/fFa2FkkMl2Q?autoplay=1;rel=0&controls=0&modestbranding=0&wmode=opaque&vq=&rel=0
Frame ID: 2512BF826DE9887DDEF08CACD2C88E82
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/o5_fuu5f6b0?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=1&vq=&rel=0
Frame ID: 64E4E7DD4B80FA47E8C52C74DA98B8FA
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/sC8cL9xKd7M?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=1&vq=&rel=0
Frame ID: 7D1FF2BF6F50AE092CE8011ECF786E55
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/QG0ocRe-pqk?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=1&vq=&rel=0
Frame ID: D05ABBC1B2BA1F6CFA2B6ACEDE938537
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Jpb8CE0PG54?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=1&vq=&rel=0
Frame ID: 3C739405F9F5B046DC6E53C1D4916D60
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/M-IubgZGp_I?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=1&vq=&rel=0
Frame ID: B2C95CA0A6C1ABAC109186BEAE60B795
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 7198A1DEAB91A555784B09003777B080
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: F5DECDDE7324B4E6373A30D01FF10A67
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: BF47316390C5AC78C654E6C9756BB7D0
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 4D784B113C842AAF8E2EF6C205A93F05
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://hdnaxd-gyvl-xyz.cdn.ampproject.org/c/hdnaxd.gyvl.xyz Page URL
  2. http://pejm.2trust.top/ HTTP 302
    https://www.trapnexjet.com/DGL476/2C7N4F4/ HTTP 302
    https://www.trapnexjet.com/DGL476/2G5L7SX/?__rpt=0&__po=771&__ptid=ba5cb18ef9ff407b9e283c594c146020&__r... HTTP 302
    http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25 Page URL

Page Statistics

41
Requests

80 %
HTTPS

56 %
IPv6

14
Domains

21
Subdomains

15
IPs

4
Countries

543 kB
Transfer

1486 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hdnaxd-gyvl-xyz.cdn.ampproject.org/c/hdnaxd.gyvl.xyz Page URL
  2. http://pejm.2trust.top/ HTTP 302
    https://www.trapnexjet.com/DGL476/2C7N4F4/ HTTP 302
    https://www.trapnexjet.com/DGL476/2G5L7SX/?__rpt=0&__po=771&__ptid=ba5cb18ef9ff407b9e283c594c146020&__rpa=1&__rc=1&sub1=&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
    http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
  • https://s7.addthis.com/js/300/addthis_widget.js
Request Chain 37
  • http://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fcashandfreedom4u.ws%2Findex.php%2F%3Fsponsor%3Djsanfran25&callback=_ate.cbs.rcb_h5200 HTTP 308
  • https://api-public-oci-origin.addthis.com/url/shares.json?url=http%3A%2F%2Fcashandfreedom4u.ws%2Findex.php%2F%3Fsponsor%3Djsanfran25&callback=_ate.cbs.rcb_h5200
Request Chain 39
  • http://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fcashandfreedom4u.ws%2Findex.php%2F%3Fsponsor%3Djsanfran25&callback=_ate.cbs.rcb_57id0 HTTP 308
  • https://api-public-oci-origin.addthis.com/url/shares.json?url=https%3A%2F%2Fcashandfreedom4u.ws%2Findex.php%2F%3Fsponsor%3Djsanfran25&callback=_ate.cbs.rcb_57id0

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
hdnaxd.gyvl.xyz
hdnaxd-gyvl-xyz.cdn.ampproject.org/c/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hdnaxd-gyvl-xyz.cdn.ampproject.org/c/hdnaxd.gyvl.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db4843d77be2a974fad9c8e7846742c18e52f6d6349ed5a9bf94d705975a38a3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src 'sha256-5CxqAdDXlHviOy7zxeRpMobzRK/JNpLvkS+k8Zj3L3A=' 'sha256-FIBGC/wl1Qfnh2Fb5NPFHmRty7BHJdDpWW1FZ8egppI=' 'sha256-dKn2nAtwgzaaXC8ZM58hhldxNyeuu4qrzW4H9//9YMA=' blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
hdnaxd-gyvl-xyz.cdn.ampproject.org
:scheme
https
:path
/c/hdnaxd.gyvl.xyz
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
nel
{"report_to":"nel","max_age":604800,"success_fraction":0.05}
report-to
{"group":"nel","max_age":604800,"endpoints":[{"url":"https://beacons.gcp.gvt2.com/nel/upload-nel"},{"url":"https://beacons.gvt2.com/nel/upload-nel"}]}
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
br
content-type
text/html
x-page-speed
0.9.10.99-9999
link
<https://cdn.ampproject.org/rtv/002008220050001/v0.js>; rel=preload; as=script
access-control-allow-origin
http://hdnaxd.gyvl.xyz
content-security-policy
default-src * blob: data:; script-src 'sha256-5CxqAdDXlHviOy7zxeRpMobzRK/JNpLvkS+k8Zj3L3A=' 'sha256-FIBGC/wl1Qfnh2Fb5NPFHmRty7BHJdDpWW1FZ8egppI=' 'sha256-dKn2nAtwgzaaXC8ZM58hhldxNyeuu4qrzW4H9//9YMA=' blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-length
2580
date
Wed, 02 Sep 2020 13:21:29 GMT
expires
Wed, 02 Sep 2020 13:21:29 GMT
cache-control
private, max-age=120
last-modified
Wed, 02 Sep 2020 11:59:09 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
v0.js
cdn.ampproject.org/rtv/002008220050001/ 		255 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/002008220050001/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bc40d17c4e9c33685a70452d109d313fc1857b1e24e95bc74c604542493d4af
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hdnaxd-gyvl-xyz.cdn.ampproject.org/c/hdnaxd.gyvl.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
133075
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70355
x-xss-protection
0
server
sffe
date
Tue, 01 Sep 2020 00:23:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"db6b80e8dafb83ae"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Sep 2021 00:23:34 GMT
amp-iframe-0.1.js
cdn.ampproject.org/rtv/002008220050001/v0/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/002008220050001/v0/amp-iframe-0.1.js
Requested by
Host: hdnaxd-gyvl-xyz.cdn.ampproject.org
URL: https://hdnaxd-gyvl-xyz.cdn.ampproject.org/c/hdnaxd.gyvl.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62343740dda3e199fa4fda10793ddb37e6a4f9e720dc361501d2a79ce8f82c46
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hdnaxd-gyvl-xyz.cdn.ampproject.org/c/hdnaxd.gyvl.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
133075
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7348
x-xss-protection
0
server
sffe
date
Tue, 01 Sep 2020 00:23:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fd2b9d3df7ccffd1"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Sep 2021 00:23:34 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/002008220050001/v0/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/002008220050001/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/002008220050001/v0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a633b1451f3c5e5ea43efc2f6e5d995791b293440903610f41156bba396134a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hdnaxd-gyvl-xyz.cdn.ampproject.org
Referer
https://hdnaxd-gyvl-xyz.cdn.ampproject.org/c/hdnaxd.gyvl.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
133075
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2571
x-xss-protection
0
server
sffe
date
Tue, 01 Sep 2020 00:23:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4a64b21f492fd04a"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Sep 2021 00:23:34 GMT
iframe.html
d2rzfyo6vcbyqa.cloudfront.net/ Frame 11B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d2rzfyo6vcbyqa.cloudfront.net/iframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/002008220050001/v0/amp-iframe-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2000:e:fd13:2480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
d2rzfyo6vcbyqa.cloudfront.net
:scheme
https
:path
/iframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hdnaxd-gyvl-xyz.cdn.ampproject.org/c/hdnaxd.gyvl.xyz
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://hdnaxd-gyvl-xyz.cdn.ampproject.org/c/hdnaxd.gyvl.xyz

Response headers

status
200
content-type
text/html
content-length
175
date
Wed, 02 Sep 2020 11:22:55 GMT
last-modified
Sat, 29 Aug 2020 14:58:21 GMT
etag
"b2e48d32dceb656c699664a5124e1572"
accept-ranges
bytes
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
zobA4YuYbPpjcyeDdAc_ccQ41fwbgUYHFKWiKs5_QmcJOnmUG7PeTQ==
age
7115
rolling.gif
d2rzfyo6vcbyqa-cloudfront-net.cdn.ampproject.org/ii/w56/s/d2rzfyo6vcbyqa.cloudfront.net/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzfyo6vcbyqa-cloudfront-net.cdn.ampproject.org/ii/w56/s/d2rzfyo6vcbyqa.cloudfront.net/rolling.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4cdfeedf13935ed902081f4f428478ec73580d2e64f0e5242911a2714f09548b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hdnaxd-gyvl-xyz.cdn.ampproject.org/c/hdnaxd.gyvl.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
x-content-type-options
nosniff
last-modified
Sat, 29 Aug 2020 15:01:45 GMT
server
sffe
date
Wed, 02 Sep 2020 13:21:29 GMT
content-type
image/gif
status
200
cache-control
private, max-age=120
content-disposition
attachment
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49100
x-xss-protection
0
expires
Wed, 02 Sep 2020 13:21:29 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/002008220050001/v0/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/002008220050001/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/002008220050001/v0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d20057a07ae5b72e1b7482f80e4f97ed9a1302661747cb51f097fe0b5c508a15
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hdnaxd-gyvl-xyz.cdn.ampproject.org
Referer
https://hdnaxd-gyvl-xyz.cdn.ampproject.org/c/hdnaxd.gyvl.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
133074
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3717
x-xss-protection
0
server
sffe
date
Tue, 01 Sep 2020 00:23:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"eddefa27de6755e4"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Sep 2021 00:23:35 GMT
Primary Request /
cashandfreedom4u.ws/index.php/
Redirect Chain
  • http://pejm.2trust.top/
  • https://www.trapnexjet.com/DGL476/2C7N4F4/
  • https://www.trapnexjet.com/DGL476/2G5L7SX/?__rpt=0&__po=771&__ptid=ba5cb18ef9ff407b9e283c594c146020&__rpa=1&__rc=1&sub1=&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
  • http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
17 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
Protocol
HTTP/1.1
Server
64.70.19.52 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
mailrelay.52.website.ws
Software
nginx/0.7.65 / PHP/5.3.5
Resource Hash
603b704374267bee67e2b1f208e5fa2e013c36ae4a59b3c5da9d578ea1719d2f

Request headers

Host
cashandfreedom4u.ws
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx/0.7.65
Date
Wed, 02 Sep 2020 13:21:31 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.3.5

Redirect headers

status
302
server
nginx
date
Wed, 02 Sep 2020 13:21:30 GMT
content-type
text/html; charset=utf-8
content-length
79
location
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
set-cookie
uniqueClick_2G5L7SX=06ca6e49-e61d-4dd5-b78c-aecc0c8c20ac:1599052890; Path=/; Expires=Fri, 02 Oct 2020 13:21:30 GMT; Secure; SameSite=None transaction_id=345cdd93cc584b27a7f9813f2ebcf15c; Path=/; Expires=Tue, 01 Dec 2020 13:21:30 GMT; Secure; SameSite=None
vary
Origin
x-eflow-request-id
13f6576c-faa8-47c7-afa0-6b8c35397586
via
1.1 google
alt-svc
clear
element.js
translate.google.com/translate_a/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: cashandfreedom4u.ws
URL: http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
d70199c0771d63b5796fbb7691f5746c31b9d34ab023780f52f62eb10222b3ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Sep 2020 13:21:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
HTTP server (unknown)
Content-Language
en
Cache-Control
no-cache, must-revalidate
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
794
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
watch-video.png
cashandfreedom4u.ws/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cashandfreedom4u.ws/images/watch-video.png
Requested by
Host: cashandfreedom4u.ws
URL: http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
Protocol
HTTP/1.1
Server
64.70.19.52 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
mailrelay.52.website.ws
Software
nginx/0.7.65 /
Resource Hash
350f70f1491afd81b29c6631253311d0528ff244b4f1e35be5d86fc2b6eab26d

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 02 Sep 2020 13:21:31 GMT
Last-Modified
Mon, 13 Mar 2017 01:31:41 GMT
Server
nginx/0.7.65
ETag
"9c49035-285e-54a92ac6bb749"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10334
arrowblue.png
cashandfreedom4u.ws/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cashandfreedom4u.ws/images/arrowblue.png
Requested by
Host: cashandfreedom4u.ws
URL: http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
Protocol
HTTP/1.1
Server
64.70.19.52 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
mailrelay.52.website.ws
Software
nginx/0.7.65 /
Resource Hash
f6194a1ed199cf2d85bf213ae0fa42fa050862a5dbd41316e1c0766986fb130a

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 02 Sep 2020 13:21:31 GMT
Last-Modified
Thu, 12 Oct 2017 14:05:45 GMT
Server
nginx/0.7.65
ETag
"9c42d9b-298e-55b5a095b0348"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10638
getstarted-button.gif
cashandfreedom4u.ws/images/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cashandfreedom4u.ws/images/getstarted-button.gif
Requested by
Host: cashandfreedom4u.ws
URL: http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
Protocol
HTTP/1.1
Server
64.70.19.52 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
mailrelay.52.website.ws
Software
nginx/0.7.65 /
Resource Hash
fe5522c1cc4ca70ece5bda38fe4f194a5ab8c1dfff9166f9f5b367520199f392

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 02 Sep 2020 13:21:31 GMT
Last-Modified
Sun, 01 Feb 2015 19:35:57 GMT
Server
nginx/0.7.65
ETag
"72d2cf6-7a81-50e0bf26933a5"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31361
translateelement.css
translate.googleapis.com/translate_static/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Sep 2020 13:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1084
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3619
x-xss-protection
0
last-modified
Wed, 12 Feb 2020 21:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 02 Sep 2020 14:03:27 GMT
main.js
translate.googleapis.com/translate_static/js/element/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/js/element/main.js
Requested by
Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4174af2a69329fd7bfbfb06dd5f2ea7b082b7d47ebb1bd6a36fe9035d2a41e92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Sep 2020 13:02:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1171
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1593
x-xss-protection
0
last-modified
Thu, 14 May 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 02 Sep 2020 14:02:00 GMT
fFa2FkkMl2Q
www.youtube.com/embed/ Frame 2512 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/fFa2FkkMl2Q?autoplay=1;rel=0&controls=0&modestbranding=0&wmode=opaque&vq=&rel=0
Requested by
Host: cashandfreedom4u.ws
URL: http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/fFa2FkkMl2Q?autoplay=1;rel=0&controls=0&modestbranding=0&wmode=opaque&vq=&rel=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25

Response headers

status
200
x-content-type-options
nosniff
content-encoding
br
content-length
10728
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
expires
Tue, 27 Apr 1971 19:44:06 GMT
cache-control
no-cache
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date
Wed, 02 Sep 2020 13:21:31 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=un28sdNXQAk; path=/; domain=.youtube.com; secure; expires=Mon, 01-Mar-2021 13:21:31 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Wed, 02-Sep-2020 13:51:31 GMT VISITOR_INFO1_LIVE=un28sdNXQAk; path=/; domain=.youtube.com; secure; expires=Mon, 01-Mar-2021 13:21:31 GMT; httponly; samesite=None YSC=gFtOHTMzBxs; path=/; domain=.youtube.com; secure; httponly; samesite=None
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
element_main.js
translate.googleapis.com/element/TE_20200506_00/e/js/element/ 		238 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/element/TE_20200506_00/e/js/element/element_main.js
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18b91aa55babf6a41b67ad376266712f9e07172f8ec8c6d06904f622f15527c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Sep 2020 12:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3942
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87186
x-xss-protection
0
last-modified
Wed, 06 May 2020 18:47:58 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Sep 2021 12:15:49 GMT
o5_fuu5f6b0
www.youtube.com/embed/ Frame 64E4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/o5_fuu5f6b0?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=1&vq=&rel=0
Requested by
Host: cashandfreedom4u.ws
URL: http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/o5_fuu5f6b0?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=1&vq=&rel=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
VISITOR_INFO1_LIVE=un28sdNXQAk; YSC=gFtOHTMzBxs
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25

Response headers

status
200
strict-transport-security
max-age=31536000
content-length
10803
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
x-content-type-options
nosniff
content-encoding
br
expires
Tue, 27 Apr 1971 19:44:06 GMT
cache-control
no-cache
content-type
text/html; charset=utf-8
date
Wed, 02 Sep 2020 13:21:31 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
GPS=1; path=/; domain=.youtube.com; expires=Wed, 02-Sep-2020 13:51:31 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sC8cL9xKd7M
www.youtube.com/embed/ Frame 7D1F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/sC8cL9xKd7M?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=1&vq=&rel=0
Requested by
Host: cashandfreedom4u.ws
URL: http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/sC8cL9xKd7M?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=1&vq=&rel=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
VISITOR_INFO1_LIVE=un28sdNXQAk; YSC=gFtOHTMzBxs
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25

Response headers

status
200
strict-transport-security
max-age=31536000
cache-control
no-cache
content-type
text/html; charset=utf-8
content-encoding
br
expires
Tue, 27 Apr 1971 19:44:06 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-length
10653
x-content-type-options
nosniff
date
Wed, 02 Sep 2020 13:21:31 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
GPS=1; path=/; domain=.youtube.com; expires=Wed, 02-Sep-2020 13:51:31 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
QG0ocRe-pqk
www.youtube.com/embed/ Frame D05A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/QG0ocRe-pqk?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=1&vq=&rel=0
Requested by
Host: cashandfreedom4u.ws
URL: http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/QG0ocRe-pqk?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=1&vq=&rel=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
VISITOR_INFO1_LIVE=un28sdNXQAk; YSC=gFtOHTMzBxs
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25

Response headers

status
200
expires
Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options
nosniff
content-length
10685
cache-control
no-cache
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
date
Wed, 02 Sep 2020 13:21:31 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
GPS=1; path=/; domain=.youtube.com; expires=Wed, 02-Sep-2020 13:51:31 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Jpb8CE0PG54
www.youtube.com/embed/ Frame 3C73 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/Jpb8CE0PG54?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=1&vq=&rel=0
Requested by
Host: cashandfreedom4u.ws
URL: http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/Jpb8CE0PG54?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=1&vq=&rel=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
VISITOR_INFO1_LIVE=un28sdNXQAk; YSC=gFtOHTMzBxs
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25

Response headers

status
200
content-encoding
br
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-length
10789
x-content-type-options
nosniff
content-type
text/html; charset=utf-8
cache-control
no-cache
expires
Tue, 27 Apr 1971 19:44:06 GMT
date
Wed, 02 Sep 2020 13:21:31 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
GPS=1; path=/; domain=.youtube.com; expires=Wed, 02-Sep-2020 13:51:31 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
M-IubgZGp_I
www.youtube.com/embed/ Frame B2C9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/M-IubgZGp_I?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=1&vq=&rel=0
Requested by
Host: cashandfreedom4u.ws
URL: http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/M-IubgZGp_I?wmode=opaque&showinfo=0&autoplay=0&controls=1&modestbranding=1&vq=&rel=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
VISITOR_INFO1_LIVE=un28sdNXQAk; YSC=gFtOHTMzBxs
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25

Response headers

status
200
content-length
10733
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
no-cache
strict-transport-security
max-age=31536000
content-encoding
br
content-type
text/html; charset=utf-8
expires
Tue, 27 Apr 1971 19:44:06 GMT
date
Wed, 02 Sep 2020 13:21:31 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
GPS=1; path=/; domain=.youtube.com; expires=Wed, 02-Sep-2020 13:51:31 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
counter.js
www.statcounter.com/counter/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: cashandfreedom4u.ws
URL: http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a0116ebf81ada1c55fff029551462c6b810c9ba01d814f5e54e5541f30a9a23

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Sep 2020 13:21:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 21 Aug 2020 15:01:35 GMT
server
cloudflare
age
32721
etag
W/"5f3fe1cf-8be9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=43200
cf-ray
5cc788df5e720d32-ARN
cf-request-id
04f093df9b00000d324b06c200000001
expires
Wed, 02 Sep 2020 16:16:11 GMT
addthis_widget.js
s7.addthis.com/js/300/
Redirect Chain
  • http://s7.addthis.com/js/300/addthis_widget.js
  • https://s7.addthis.com/js/300/addthis_widget.js
353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: cashandfreedom4u.ws
URL: http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 15:49:19 GMT
server
nginx/1.15.8
etag
W/"5ed917ff-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
status
200
cache-control
public, max-age=600
date
Wed, 02 Sep 2020 13:21:32 GMT
x-host
s7.addthis.com
content-length
116324

Redirect headers

Date
Wed, 02 Sep 2020 13:21:32 GMT
Server
nginx/1.15.8
X-Distribution
99
Content-Type
text/html
Location
https://s7.addthis.com/js/300/addthis_widget.js
X-Host
s7.addthis.com
Connection
keep-alive
Content-Length
171
t.php
c.statcounter.com/ 		162 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=11469728&java=1&security=3c0d96d1&u1=63908FC009644F48303B846600DC455B&sc_rum_f_s=0&sc_rum_f_e=2241&sc_rum_e_s=2245&sc_rum_e_e=2250&sc_random=0.8701798284372417&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//cashandfreedom4u.ws/index.php/%3Fsponsor%3Djsanfran25&t=GDI%20-%20Global%20Domains%20International%20-%20GDI%20Action%20Power%20Team&rcat=d&rdom=d&rdomg=new&bb=1&sc_snum=1&sess=a9e962&p=0&invisible=1&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0564d20c6662fa83c89b22ef3e1185cede3d6e4dfbc1525e936930e8ea58fb13

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5cc788dfcf8d0d32-ARN
date
Wed, 02 Sep 2020 13:21:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin
http://cashandfreedom4u.ws
access-control-allow-credentials
true
content-type
application/json
cf-request-id
04f093dfd800000d324b073200000001
expires
Mon, 26 Jul 1997 05:00:00 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-172.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Sep 2020 13:21:32 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
191C384BD08D2989
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=44061
accept-ranges
bytes
content-length
948
x-amz-id-2
/Y8Yj/DqLNS2pI1SPlp4cWcg3IlspJAynuwPI5L3vSGxaNJQvodByoZJc97qcmeVSMm8xcdrWW0=
_ate.track.config_resp
v1.addthisedge.com/live/boost/nepe/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/nepe/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a3afa8a76148fc20c2afa1a2ed4b7e6e94f99c0921bfc2cc628c0e60414ac564

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Sep 2020 13:21:32 GMT
content-encoding
gzip
etag
76842563--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
status
200
cache-control
public, max-age=60, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
1891
300lo.json
m.addthis.com/live/red_lojson/ 		90 B
250 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=5f4f9c5c58900c02&bkl=0&bl=1&pdt=2236&sid=5f4f9c5c58900c02&pub=nepe&rev=v8.28.7-wp&ln=en&pc=men&cb=0&ab=-&dp=cashandfreedom4u.ws&fp=index.php%2F%3Fsponsor%3Djsanfran25&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=gdi%2Cbest%20gdi%20team%2Cgdi%20action%20power%20team%2Cglobal%20domains%20international%2Cmake%20money%20online%2Cbest%20way%20to%20make%20money%20online%2C2019%2C2020&colc=1599052892443&jsl=0&uvs=5f4f9c5c316d4c72000&skipb=1&callback=addthis.cbs.jsonp__156612107324098470
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c02d2a252c9a98c25794f5ff8ae04152f55ca1a6a18943acc5c6a9e71a79c8fa

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Wed, 02 Sep 2020 13:21:32 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
90
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 7198 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame F5DE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s7.addthis.com
:scheme
https
:path
/static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25

Response headers

status
200
server
nginx/1.15.8
content-type
text/html
last-modified
Mon, 09 Sep 2019 15:34:57 GMT
etag
W/"5d767121-1115f"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
25412
date
Wed, 02 Sep 2020 13:21:32 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
custom-messages.5799ddf75a30812a3d49.js
s7.addthis.com/static/ 		114 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
e08ee0a0555b2527719a5d5581fb11ae492e0a111be1f89ceedd3b51e995c7c5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 15:49:19 GMT
server
nginx/1.15.8
etag
W/"5ed917ff-1c9fc"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Wed, 02 Sep 2020 13:21:32 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
28521
layers.33f5b85045a5f2308467.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.33f5b85045a5f2308467.js
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 15:49:19 GMT
server
nginx/1.15.8
etag
W/"5ed917ff-41b9f"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Wed, 02 Sep 2020 13:21:32 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77540
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Sep 2020 11:08:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
94395
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1847
x-xss-protection
0
expires
Wed, 01 Sep 2021 11:08:17 GMT
translateelement.css
translate.googleapis.com/translate_static/css/ Frame BF47 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20200506_00/e/js/element/element_main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Sep 2020 13:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1085
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3619
x-xss-protection
0
last-modified
Wed, 12 Feb 2020 21:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 02 Sep 2020 14:03:27 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 		825 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: cashandfreedom4u.ws
URL: http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 31 Aug 2020 10:24:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
183447
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
825
x-xss-protection
0
expires
Tue, 31 Aug 2021 10:24:05 GMT
cleardot.gif
www.google.com/images/ 		43 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/cleardot.gif
Requested by
Host: cashandfreedom4u.ws
URL: http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Sep 2020 13:21:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
translate.googleapis.com/translate_a/ Frame 4D78 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-O/466WtoymCgMrFmLSra9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Sep 2020 13:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-O/466WtoymCgMrFmLSra9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
expires
Mon, 01 Jan 1990 00:00:00 GMT
te_ctrl3.gif
translate.googleapis.com/translate_static/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://translate.googleapis.com/translate_static/img/te_ctrl3.gif
Requested by
Host: cashandfreedom4u.ws
URL: http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 31 Aug 2020 09:06:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
188121
content-type
image/gif
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1412
x-xss-protection
0
expires
Tue, 31 Aug 2021 09:06:11 GMT
/
graph.facebook.com/ 		97 B
720 B 		Script
General
Check archive.org
Download Go to
Full URL
http://graph.facebook.com/?id=http%3A%2F%2Fcashandfreedom4u.ws%2Findex.php%2F%3Fsponsor%3Djsanfran25&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_6qwh0
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
HTTP/1.1
Server
2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d7f03a5ba2a843729c23d8d036a5b18dd1cf1078bd7f425feb59636583bd94b1

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
X-FB-Debug
EbXjiUEF30CbJYjJuRu+nbEDWxFRDwJr3i2UZaCV+LeIwfzlIC/n9NWMaIuZPI7qKRH7bWoHqQYElGgYl+5HEQ==
x-fb-trace-id
DorGXbUSryy
ETag
"0d6ec0dace4b085a7de5abd6d63451406ebea5d8"
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
x-fb-request-id
ArY7qfoFQ1xPSXiYznEq7DB
Cache-Control
private, no-cache, no-store, must-revalidate
Date
Wed, 02 Sep 2020 13:21:32 GMT
x-fb-rev
1002607704
Connection
keep-alive
Alt-Svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Content-Length
97
facebook-api-version
v3.1
Expires
Sat, 01 Jan 2000 00:00:00 GMT
shares.json
api-public-oci-origin.addthis.com/url/
Redirect Chain
  • http://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fcashandfreedom4u.ws%2Findex.php%2F%3Fsponsor%3Djsanfran25&callback=_ate.cbs.rcb_h5200
  • https://api-public-oci-origin.addthis.com/url/shares.json?url=http%3A%2F%2Fcashandfreedom4u.ws%2Findex.php%2F%3Fsponsor%3Djsanfran25&callback=_ate.cbs.rcb_h5200
36 B
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public-oci-origin.addthis.com/url/shares.json?url=http%3A%2F%2Fcashandfreedom4u.ws%2Findex.php%2F%3Fsponsor%3Djsanfran25&callback=_ate.cbs.rcb_h5200
Requested by
Host: cashandfreedom4u.ws
URL: http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
129.146.196.240 , United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
7525385e314c29f062b6af157f99c8ba0a0d3260e90d6bb493b5c67e1bab03ed
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Sep 2020 13:21:33 GMT
surrogate-key
cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
last-modified
Wed, 02 Sep 2020 13:21:33 GMT
server
nginx/1.15.8
vary
Accept-Encoding
content-type
application/json
status
200
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
strict-transport-security
max-age=15724800; includeSubDomains
content-length
36

Redirect headers

Location
https://api-public-oci-origin.addthis.com/url/shares.json?url=http%3A%2F%2Fcashandfreedom4u.ws%2Findex.php%2F%3Fsponsor%3Djsanfran25&callback=_ate.cbs.rcb_h5200
Date
Wed, 02 Sep 2020 13:21:33 GMT
Server
nginx/1.15.8
Connection
keep-alive
Content-Length
171
Content-Type
text/html
/
graph.facebook.com/ 		98 B
721 B 		Script
General
Check archive.org
Download Go to
Full URL
http://graph.facebook.com/?id=https%3A%2F%2Fcashandfreedom4u.ws%2Findex.php%2F%3Fsponsor%3Djsanfran25&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_jnv80
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
HTTP/1.1
Server
2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d572aead267d3719dcfa08164cd8dead08b92e2e02d43b462a0e44227b001c5a

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
X-FB-Debug
kSiuoi2inbuszQA7VgTPrwU3qZzjFM553i90aZKm810p24LITxYrH3PPkZunJmnzzOqQ/N8zCmcLQ6scO3mgdg==
x-fb-trace-id
HDIZliGaRrq
ETag
"4ffb618241eb71ec91e884e1b40d59c96bfbabe3"
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
x-fb-request-id
AAHRPmL6CeCC6MB6wjJ-e8F
Cache-Control
private, no-cache, no-store, must-revalidate
Date
Wed, 02 Sep 2020 13:21:32 GMT
x-fb-rev
1002607704
Connection
keep-alive
Alt-Svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Content-Length
98
facebook-api-version
v3.1
Expires
Sat, 01 Jan 2000 00:00:00 GMT
shares.json
api-public-oci-origin.addthis.com/url/
Redirect Chain
  • http://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fcashandfreedom4u.ws%2Findex.php%2F%3Fsponsor%3Djsanfran25&callback=_ate.cbs.rcb_57id0
  • https://api-public-oci-origin.addthis.com/url/shares.json?url=https%3A%2F%2Fcashandfreedom4u.ws%2Findex.php%2F%3Fsponsor%3Djsanfran25&callback=_ate.cbs.rcb_57id0
36 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public-oci-origin.addthis.com/url/shares.json?url=https%3A%2F%2Fcashandfreedom4u.ws%2Findex.php%2F%3Fsponsor%3Djsanfran25&callback=_ate.cbs.rcb_57id0
Requested by
Host: cashandfreedom4u.ws
URL: http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
129.146.196.240 , United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
a396c867dee6bd9b8052073d117e5c1c820e2fb3c0b8d2cba5b113822aff22b9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Sep 2020 13:21:33 GMT
surrogate-key
cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
last-modified
Wed, 02 Sep 2020 13:21:33 GMT
server
nginx/1.15.8
vary
Accept-Encoding
content-type
application/json
status
200
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
strict-transport-security
max-age=15724800; includeSubDomains
content-length
36

Redirect headers

Location
https://api-public-oci-origin.addthis.com/url/shares.json?url=https%3A%2F%2Fcashandfreedom4u.ws%2Findex.php%2F%3Fsponsor%3Djsanfran25&callback=_ate.cbs.rcb_57id0
Date
Wed, 02 Sep 2020 13:21:33 GMT
Server
nginx/1.15.8
Connection
keep-alive
Content-Length
171
Content-Type
text/html
truncated
/ 		443 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer
http://cashandfreedom4u.ws/index.php/?sponsor=jsanfran25
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| llopt1 function| googleTranslateElementInit object| google number| sc_project number| sc_invisible string| sc_security function| _statcounter function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_config object| addthis_share boolean| __@@##MUH object| closure_lm_295919 object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks number| len

2 Cookies

Domain/Path Name / Value
.addthis.com/ Name: loc
Value: MDAwMDBFVVNFMEMyMzk4MTk3ODE2NDAwMDBDSA==
.addthis.com/ Name: uvc
Value: 1%7C36

1 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/002008220050001/v0.js(Line 529)
Message:
Powered by AMP ⚡ HTML – Version 2008220050001 https://hdnaxd-gyvl-xyz.cdn.ampproject.org/c/hdnaxd.gyvl.xyz

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * blob: data:; script-src 'sha256-5CxqAdDXlHviOy7zxeRpMobzRK/JNpLvkS+k8Zj3L3A=' 'sha256-FIBGC/wl1Qfnh2Fb5NPFHmRty7BHJdDpWW1FZ8egppI=' 'sha256-dKn2nAtwgzaaXC8ZM58hhldxNyeuu4qrzW4H9//9YMA=' blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-public-oci-origin.addthis.com
api-public.addthis.com
c.statcounter.com
cashandfreedom4u.ws
cdn.ampproject.org
d2rzfyo6vcbyqa-cloudfront-net.cdn.ampproject.org
d2rzfyo6vcbyqa.cloudfront.net
graph.facebook.com
hdnaxd-gyvl-xyz.cdn.ampproject.org
m.addthis.com
pejm.2trust.top
s7.addthis.com
translate.google.com
translate.googleapis.com
v1.addthisedge.com
www.google.com
www.gstatic.com
www.statcounter.com
www.trapnexjet.com
www.youtube.com
z.moatads.com
s7.addthis.com
104.108.145.172
104.22.52.65
129.146.196.240
2.21.36.164
2600:9000:214f:2000:e:fd13:2480:93a1
2a00:1450:4001:801::200e
2a00:1450:4001:806::200e
2a00:1450:4001:808::2001
2a00:1450:4001:809::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:816::2004
2a00:1450:4001:81e::200a
2a03:2880:f01c:800e:face:b00c:0:2
35.241.19.31
51.254.78.230
64.70.19.52
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0564d20c6662fa83c89b22ef3e1185cede3d6e4dfbc1525e936930e8ea58fb13
137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
18b91aa55babf6a41b67ad376266712f9e07172f8ec8c6d06904f622f15527c9
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
350f70f1491afd81b29c6631253311d0528ff244b4f1e35be5d86fc2b6eab26d
4174af2a69329fd7bfbfb06dd5f2ea7b082b7d47ebb1bd6a36fe9035d2a41e92
4cdfeedf13935ed902081f4f428478ec73580d2e64f0e5242911a2714f09548b
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5bc40d17c4e9c33685a70452d109d313fc1857b1e24e95bc74c604542493d4af
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
603b704374267bee67e2b1f208e5fa2e013c36ae4a59b3c5da9d578ea1719d2f
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
62343740dda3e199fa4fda10793ddb37e6a4f9e720dc361501d2a79ce8f82c46
7525385e314c29f062b6af157f99c8ba0a0d3260e90d6bb493b5c67e1bab03ed
7a633b1451f3c5e5ea43efc2f6e5d995791b293440903610f41156bba396134a
9a0116ebf81ada1c55fff029551462c6b810c9ba01d814f5e54e5541f30a9a23
a396c867dee6bd9b8052073d117e5c1c820e2fb3c0b8d2cba5b113822aff22b9
a3afa8a76148fc20c2afa1a2ed4b7e6e94f99c0921bfc2cc628c0e60414ac564
c02d2a252c9a98c25794f5ff8ae04152f55ca1a6a18943acc5c6a9e71a79c8fa
d20057a07ae5b72e1b7482f80e4f97ed9a1302661747cb51f097fe0b5c508a15
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
d572aead267d3719dcfa08164cd8dead08b92e2e02d43b462a0e44227b001c5a
d70199c0771d63b5796fbb7691f5746c31b9d34ab023780f52f62eb10222b3ab
d7f03a5ba2a843729c23d8d036a5b18dd1cf1078bd7f425feb59636583bd94b1
db4843d77be2a974fad9c8e7846742c18e52f6d6349ed5a9bf94d705975a38a3
e08ee0a0555b2527719a5d5581fb11ae492e0a111be1f89ceedd3b51e995c7c5
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
f6194a1ed199cf2d85bf213ae0fa42fa050862a5dbd41316e1c0766986fb130a
fe5522c1cc4ca70ece5bda38fe4f194a5ab8c1dfff9166f9f5b367520199f392