freefire.ammonline.in Open in urlscan Pro
148.251.153.114 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://freefire.ammonline.in/
Effective URL:
https://freefire.ammonline.in/
Submission: On February 22 via api (February 22nd 2024, 9:12:59 pm UTC) from US — Scanned from DE

Summary HTTP 104 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 6 countries across 13 domains to perform 104 HTTP transactions. The main IP is 148.251.153.114, located in Germany and belongs to HETZNER-AS, DE. The main domain is freefire.ammonline.in.
TLS certificate: Issued by R3 on January 25th 2024. Valid for: 3 months.

This is the only time freefire.ammonline.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	148.251.153.114 148.251.153.114	24940 (HETZNER-AS) (HETZNER-AS)
22	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:f2e:e7e1:e949:d33b	16509 (AMAZON-02) (AMAZON-02)
1 4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
2 3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
104	15

32 148.251.153.114 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: server541.iseencloud.net

freefire.ammonline.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:f2e:e7e1:e949:d33b (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.237 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	611 KB
32	ammonline.in 1 redirects freefire.ammonline.in	2 MB
14	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 264	143 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	120 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	4 KB
3	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 502 cm.creativecdn.com — Cisco Umbrella Rank: 1938	2 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	815 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 131
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 612	1 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 378	470 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 622	363 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 536	714 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 797	463 B
104	13

	Domain	Requested by
32	freefire.ammonline.in	1 redirects freefire.ammonline.in
22	pagead2.googlesyndication.com	freefire.ammonline.in pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
15	tpc.googlesyndication.com	freefire.ammonline.in googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com freefire.ammonline.in googleads.g.doubleclick.net
7	www.gstatic.com	freefire.ammonline.in googleads.g.doubleclick.net
4	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net freefire.ammonline.in
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.googleadservices.com
2	creativecdn.com	2 redirects
2	c1.adform.net	2 redirects
2	x.bidswitch.net	googleads.g.doubleclick.net
1	cm.creativecdn.com
1	dis.criteo.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
104	17

This site contains links to these domains. Also see Links.

Domain
adorethemes.com

Subject Issuer	Validity	Valid
freefire.ammonline.in R3	`2024-01-25` - `2024-04-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://freefire.ammonline.in/
Frame ID: 1CA8ACA2EAA62E467CBDFE32ED18D4EE
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3285865141693599&output=html&adk=1812271804&adf=3025194257&lmt=1708636375&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffreefire.ammonline.in%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708636375380&bpp=2&bdt=318&idt=226&shv=r20240221&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5681040343134&frm=20&pv=2&ga_vid=601978532.1708636376&ga_sid=1708636376&ga_hid=754359742&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081152%2C42532523%2C44795921%2C44809004%2C95322748%2C95324581%2C95325069%2C95320377%2C31080991%2C95324155%2C95324161&oid=2&pvsid=686135501654896&tmod=121358345&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=236
Frame ID: AD0346F54BC4B9BD326F91D110A30896
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3285865141693599&output=html&h=280&slotname=2455889015&adk=1992973437&adf=1082655397&pi=t.ma~as.2455889015&w=1200&fwrn=4&fwrnh=100&lmt=1708636375&rafmt=1&format=1200x280&url=https%3A%2F%2Ffreefire.ammonline.in%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708636375382&bpp=1&bdt=320&idt=239&shv=r20240221&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5681040343134&frm=20&pv=1&ga_vid=601978532.1708636376&ga_sid=1708636376&ga_hid=754359742&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=165&ady=431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081152%2C42532523%2C44795921%2C44809004%2C95322748%2C95324581%2C95325069%2C95320377%2C31080991%2C95324155%2C95324161&oid=2&pvsid=686135501654896&tmod=121358345&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=242
Frame ID: C79DEF82B2DD95DEB5D60D2BC30F45F0
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3285865141693599&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.697687507~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1708636376&rafmt=1&to=qs&pwprc=1520704538&format=1200x280&url=https%3A%2F%2Ffreefire.ammonline.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708636376357&bpp=1&bdt=1295&idt=-M&shv=r20240221&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=5681040343134&frm=20&pv=1&ga_vid=601978532.1708636376&ga_sid=1708636376&ga_hid=754359742&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081152%2C42532523%2C44795921%2C44809004%2C95322748%2C95324581%2C95325069%2C95320377%2C31080991%2C95324155%2C95324161&oid=2&pvsid=686135501654896&tmod=121358345&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Frame ID: 4E8539ABABED416AC0B3831A7A3E08A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3285865141693599&output=html&h=280&adk=43866455&adf=3204789416&pi=t.aa~a.50636243~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1708636376&rafmt=1&to=qs&pwprc=1520704538&format=1200x280&url=https%3A%2F%2Ffreefire.ammonline.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708636376357&bpp=1&bdt=1295&idt=-M&shv=r20240221&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=5681040343134&frm=20&pv=1&ga_vid=601978532.1708636376&ga_sid=1708636376&ga_hid=754359742&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3865&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081152%2C42532523%2C44795921%2C44809004%2C95322748%2C95324581%2C95325069%2C95320377%2C31080991%2C95324155%2C95324161&oid=2&pvsid=686135501654896&tmod=121358345&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Frame ID: 3693A66ED6487545022FE82FA0184A18
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3285865141693599&output=html&h=280&adk=3803512932&adf=1548155025&pi=t.aa~a.1486099375~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1708636376&rafmt=1&to=qs&pwprc=1520704538&format=1200x280&url=https%3A%2F%2Ffreefire.ammonline.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708636376357&bpp=1&bdt=1295&idt=0&shv=r20240221&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=4&correlator=5681040343134&frm=20&pv=1&ga_vid=601978532.1708636376&ga_sid=1708636376&ga_hid=754359742&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081152%2C42532523%2C44795921%2C44809004%2C95322748%2C95324581%2C95325069%2C95320377%2C31080991%2C95324155%2C95324161&oid=2&pvsid=686135501654896&tmod=121358345&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Frame ID: 7524D924DA7C30E1A82F37DBC913D9CC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 7A9D5611B86033C4E7FDD3044CE9BF4C
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: BD9F714FACC9D2009829E90C1DCB29DE
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6DE8C9E8CBDABE9BAB606F693E63419D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js
Frame ID: 9A6D8573F6324CE2DE896F09B3B99830
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js
Frame ID: 16188D989A018B7A4B6017E725ED3262
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F951E394B227A5DCE1E76EE97AD6DDDC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js
Frame ID: 899C575FD2F077251CD184A854D58A93
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 38177BBD6778AA83AA9FA342F758287D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A724EB41846B17CBC531F3FFE3194C00
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Diamond In Free Fire - Free Fire Free Diamond Tricks

Page URL History Show full URLs

http://freefire.ammonline.in/ HTTP 301
https://freefire.ammonline.in/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

104
Requests

95 %
HTTPS

56 %
IPv6

13
Domains

17
Subdomains

15
IPs

6
Countries

2930 kB
Transfer

4964 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://adorethemes.com/
Title: Adore Themes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://freefire.ammonline.in/ HTTP 301
https://freefire.ammonline.in/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 83

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOB3eZEFW8PD69tSC3j5Y14&google_cver=1&google_push=AXcoOmTecPoH_UvD8gJ1rdFHnYMK7CLqseDM4uO7mfBNDCUOw2eu_4y4OoT0bsbv9QAkG7dp9Gaqj2n_n9ZP01LtUIgdsyTPpTSNVBiW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTecPoH_UvD8gJ1rdFHnYMK7CLqseDM4uO7mfBNDCUOw2eu_4y4OoT0bsbv9QAkG7dp9Gaqj2n_n9ZP01LtUIgdsyTPpTSNVBiW&google_hm=eS1nOGs2Njc5RTJwSFdOS2oyNFQyTWxyYm5SX3dkMVMxOX5B

Request Chain 86

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ1ucQ1-Ci4khGAqjQUX-bA&google_cver=1&google_push=AXcoOmTI_2dTL-SB5hdGhjTSL4kwRgZwhYLMpq20Fr8MR5uQsry8GnoAgVD29uT-XwuPg_WfL_2x9fFqk5d-9fzjMKY-oiVr41WwS3Zu HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJ1ucQ1-Ci4khGAqjQUX-bA&google_cver=1&google_push=AXcoOmTI_2dTL-SB5hdGhjTSL4kwRgZwhYLMpq20Fr8MR5uQsry8GnoAgVD29uT-XwuPg_WfL_2x9fFqk5d-9fzjMKY-oiVr41WwS3Zu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE3ODIwMTA0MjYwMTYxMzUzMA&google_push=AXcoOmTI_2dTL-SB5hdGhjTSL4kwRgZwhYLMpq20Fr8MR5uQsry8GnoAgVD29uT-XwuPg_WfL_2x9fFqk5d-9fzjMKY-oiVr41WwS3Zu

Request Chain 87

https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEPb4YqGB_-l3fo_X7ncTAxo&google_cver=1&google_push=AXcoOmRHR_s_iI0rooYsomNAUc5ALv5SMnCJnsIqnHeuTIsmsAENexh6rHEZ8nC7YiwrSQbQevDt5S1GJ43kZAojRnYWZjWlXUK5Eocddw HTTP 302
https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEPb4YqGB_-l3fo_X7ncTAxo&google_cver=1&google_push=AXcoOmRHR_s_iI0rooYsomNAUc5ALv5SMnCJnsIqnHeuTIsmsAENexh6rHEZ8nC7YiwrSQbQevDt5S1GJ43kZAojRnYWZjWlXUK5Eocddw&tc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=ekOQsoibuxRBsf3zYxfaR-RDaP_miwjqqG6BhCfW-7A&pi=adx&pi=adxab&google_gid=CAESEPb4YqGB_-l3fo_X7ncTAxo&google_cver=1&google_push=AXcoOmRHR_s_iI0rooYsomNAUc5ALv5SMnCJnsIqnHeuTIsmsAENexh6rHEZ8nC7YiwrSQbQevDt5S1GJ43kZAojRnYWZjWlXUK5Eocddw&tc=1 HTTP 302
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&pi=adxab&tc=1&google_error=5

Request Chain 91

https://googleads.g.doubleclick.net/pagead/adview?ai=C5rrr2LjXZcyzIOCAid4Pu7i9mAaqsJHmdOu9qaPBEaTn8u2VAhABIJetjElglQKgAav43-0CyAEJqQKVQJRmhS2yPqgDAcgDywSqBIUCT9CVG1A-yG4wNLdzf1z63TJq265xZUQXKbWNcQj8m58ckyf6x8O0V7uEH982CGkvHfh3nx9KwM7h0Ol83ThC1q44B2-n8OY7Niz3ky6-QrXn9FANvH5vFId26sttt1x23HpvzgO_6qqaDIbAUfxg6gMnoRySArksJXnOPpeJKOfSKqtPqRmR6s8_Lb5GblEO8xR7sDqw6EilxT2wDvB49KVVOUdPgejWd0m6QAs7lL9-qvjZOTR3BjKhlXT8V8W48NHDZFuDcG7WyiJqXaF-80GJUWmMNO3n40qNwtrt02m-ly7YV8TCBPKPEt1KF47c6S1KLUDmq3eJ7UZJWQCp2Z675s7hwASjsIX-xASIBb-arMNLkgUECAQYAZIFBAgFGASgBi6AB72HoJIBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwDyBwQQoeYj0ggmCIDhgBAQARgfMgKqAjoJgECAgISAgIQISL39wTpY2oCPwu6_hAOaCTdodHRwczovL3d3dy5zdGFja2l0LmRlL2RlL3Byb2R1a3Qvc3RhY2tpdC1tb25nb2RiLWZsZXgvgAoByAsBuBPkA9gTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMjg1ODY1MTQxNjkzNTk5GAA&sigh=N4SsiD3aYHY&uach_m=%5BUACH%5D&ase=2&cid=CAQSPAAvHhf_zhyLqjNorNuLgWJn5OxR70fGD_Qxtt1Yr5Lhi7Q2q0HVwJBHg7cOX_i1VdJextre4k3wkhiCrhgB&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215960096919549532743%22,%22debug_reporting%22:true,%22destination%22:%22https://stackit.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22767032363%22],%2222%22:[%22true%22],%224%22:[%2202-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224327332357768964737%22}&andc=true

104 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
freefire.ammonline.in/
Redirect Chain

http://freefire.ammonline.in/
https://freefire.ammonline.in/

69 KB
12 KB

570ms
482ms

Document
text/html

148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed / PHP/7.2.34
Resource Hash: bdc304fb0d3de14d2a6f75885e3ed939cdf63cfe8b55769d8e53a7658eb72284

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 22 Feb 2024 21:12:55 GMT
link: <https://freefire.ammonline.in/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.2.34

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html
date: Thu, 22 Feb 2024 21:12:54 GMT
location: https://freefire.ammonline.in/
server: LiteSpeed

GET
H2 200 style.min.css
freefire.ammonline.in/wp-includes/css/dist/block-library/ 108 KB
13 KB 45ms
43ms Stylesheet
text/css 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
content-encoding: br
last-modified: Wed, 31 Jan 2024 14:14:13 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13600
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H2 200 front_style.css
freefire.ammonline.in/wp-content/plugins/stickyadsbar/css/ 1 KB
480 B 87ms
85ms Stylesheet
text/css 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/wp-content/plugins/stickyadsbar/css/front_style.css?ver=6.4.3
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: fb2f873ab97c1e53286bdf23b5b28d17c38ba9e8f6a58d4d30f82a72a3c36046

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
content-encoding: br
last-modified: Fri, 17 Feb 2023 10:19:45 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 424
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H2 200 5d01dba1418605a8e28e98e4cee65136.css
freefire.ammonline.in/wp-content/fonts/ 7 KB
669 B 90ms
88ms Stylesheet
text/css 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/wp-content/fonts/5d01dba1418605a8e28e98e4cee65136.css
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: aa690a627d2a30d05c34abf707d561c00f898a24258454688f6c65ac7fabe049

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
content-encoding: br
last-modified: Thu, 27 Oct 2022 08:44:21 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 613
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H2 200 slick.min.css
freefire.ammonline.in/wp-content/themes/collective-news/assets/css/ 1 KB
449 B 83ms
82ms Stylesheet
text/css 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/wp-content/themes/collective-news/assets/css/slick.min.css?ver=1.8.0
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: caf46c90f4c85259ea326f121c4ae6d20e113f9efeb9756dabe4f8b374d087d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
content-encoding: br
last-modified: Wed, 26 Oct 2022 19:19:37 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 393
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H2 200 fontawesome.min.css
freefire.ammonline.in/wp-content/themes/collective-news/assets/css/ 58 KB
12 KB 89ms
87ms Stylesheet
text/css 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/wp-content/themes/collective-news/assets/css/fontawesome.min.css?ver=1.8.0
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: b5e38de32d149f2263d86a25f0db6e63418e296f5c42f004f1ad157b5062db96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
content-encoding: br
last-modified: Wed, 26 Oct 2022 19:19:37 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12374
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H2 200 endless-river.min.css
freefire.ammonline.in/wp-content/themes/collective-news/assets/css/ 538 B
228 B 89ms
88ms Stylesheet
text/css 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/wp-content/themes/collective-news/assets/css/endless-river.min.css?ver=1.8.0
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: af8e228d0e1f26bdccc4cc9f575c7c028e752775568623eb3a48c974dcd46a20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
content-encoding: br
last-modified: Wed, 26 Oct 2022 19:19:37 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 195
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H2 200 blocks.min.css
freefire.ammonline.in/wp-content/themes/collective-news/assets/css/ 12 KB
2 KB 89ms
87ms Stylesheet
text/css 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/wp-content/themes/collective-news/assets/css/blocks.min.css?ver=6.4.3
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: dbaf719b79ad5dc5eeb08a4b32bdf1efc8645a980bfabb9120007fc00fe890bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
content-encoding: br
last-modified: Wed, 26 Oct 2022 19:19:37 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2123
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H2 200 style.css
freefire.ammonline.in/wp-content/themes/collective-news/ 137 KB
19 KB 84ms
82ms Stylesheet
text/css 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/wp-content/themes/collective-news/style.css?ver=1.0.0
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: a1f50102d9602421b3c30d1ec91165a040af289e61598394ba135a2028014a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
content-encoding: br
last-modified: Wed, 26 Oct 2022 19:19:41 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19099
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H2 200 jquery.min.js Show response
freefire.ammonline.in/wp-includes/js/jquery/ 86 KB
29 KB 85ms
84ms Script
application/javascript 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
content-encoding: br
last-modified: Tue, 07 Nov 2023 21:32:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
freefire.ammonline.in/wp-includes/js/jquery/ 13 KB
5 KB 87ms
86ms Script
application/javascript 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
content-encoding: br
last-modified: Wed, 09 Aug 2023 09:07:30 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
51 KB 128ms
68ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3285865141693599

Requested by

Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80e7df40706b98af0642339f97f7729d5d098614c9d94fbec96bb44dc4dc8f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freefire.ammonline.in/
Origin: https://freefire.ammonline.in
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51864
x-xss-protection: 0
server: cafe
etag: 16924964263483977044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 22 Feb 2024 21:12:55 GMT

GET
H2 200 navigation.min.js Show response
freefire.ammonline.in/wp-content/themes/collective-news/assets/js/ 1 KB
499 B 131ms
130ms Script
application/javascript 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/wp-content/themes/collective-news/assets/js/navigation.min.js?ver=1.0.0
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: e41a7f04a7ee5039f882bc018d3f8123784cb1e6039be786e139a8df36d55621

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
content-encoding: br
last-modified: Wed, 26 Oct 2022 19:19:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 443
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H2 200 slick.min.js Show response
freefire.ammonline.in/wp-content/themes/collective-news/assets/js/ 43 KB
10 KB 89ms
88ms Script
application/javascript 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/wp-content/themes/collective-news/assets/js/slick.min.js?ver=1.8.0
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: a1a49c85ae2db19ca7ad2bd54a706a632f8c9534c609acee3388f116df3bc53d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
content-encoding: br
last-modified: Wed, 26 Oct 2022 19:19:41 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10036
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H2 200 endless-river.min.js Show response
freefire.ammonline.in/wp-content/themes/collective-news/assets/js/ 2 KB
832 B 130ms
129ms Script
application/javascript 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/wp-content/themes/collective-news/assets/js/endless-river.min.js?ver=1.8.0
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: df4c28cc9cbaea711348a4efeb70f3bed5d72535e43f41b2a4ab11ac6de17941

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
content-encoding: br
last-modified: Wed, 26 Oct 2022 19:19:41 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 800
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H2 200 custom.min.js Show response
freefire.ammonline.in/wp-content/themes/collective-news/assets/js/ 10 KB
2 KB 132ms
131ms Script
application/javascript 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/wp-content/themes/collective-news/assets/js/custom.min.js?ver=1.0.0
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: beaa4e20abc3a3d0d09715c0edf0670624a39512cbb2f52d85d7faf295f9c2b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
content-encoding: br
last-modified: Wed, 26 Oct 2022 19:19:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1690
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H2 200 smush-lazy-load.min.js Show response
freefire.ammonline.in/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 132ms
132ms Script
application/javascript 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.12.5
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
content-encoding: br
last-modified: Fri, 24 Feb 2023 13:55:43 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3544
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
BLOB 200
OK 74e298ca-1c17-45ad-ba61-9c26e6a00e53
https://freefire.ammonline.in/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://freefire.ammonline.in/74e298ca-1c17-45ad-ba61-9c26e6a00e53
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 cropped-Rose-Gold-Brush-Glitter-Feminine-Boutique-Circle-Logo.png
freefire.ammonline.in/wp-content/uploads/2022/10/ 39 KB
39 KB 122ms
122ms Image
image/png 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefire.ammonline.in/wp-content/uploads/2022/10/cropped-Rose-Gold-Brush-Glitter-Feminine-Boutique-Circle-Logo.png
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: fdb4dc37905969400d132343ac4e12473c8b0620dc724c8c5e444d946e4ab38d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
last-modified: Mon, 31 Oct 2022 18:23:04 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 39960
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H3 200 17b29-16388567511718-1920.webp
freefire.ammonline.in/wp-content/uploads/2022/10/ 174 KB
175 KB 158ms
158ms Image
image/webp 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefire.ammonline.in/wp-content/uploads/2022/10/17b29-16388567511718-1920.webp
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: 831b9054fc3204290e086ab1fc1e447a23de2fa6b34c284916e54ad176e066f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
last-modified: Sat, 22 Oct 2022 08:20:37 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 178672
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H3 200 cropped-unnamed.png
freefire.ammonline.in/wp-content/uploads/2022/10/ 185 KB
185 KB 52ms
52ms Image
image/png 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefire.ammonline.in/wp-content/uploads/2022/10/cropped-unnamed.png
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: 20da84c2e78605471493256c265aa2a0507d6a6556028327f10d0b1a3ed09bbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
last-modified: Thu, 27 Oct 2022 08:40:08 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 189488
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H3 200 Google-Play-Redeem-Code.png
freefire.ammonline.in/wp-content/uploads/2022/10/ 9 KB
9 KB 51ms
51ms Image
image/png 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefire.ammonline.in/wp-content/uploads/2022/10/Google-Play-Redeem-Code.png
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: 167f43e4e455b0d188fe18268463efd5cb09a03e7980f2b2ebe7acbfe6e2068b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
last-modified: Sat, 22 Oct 2022 08:16:27 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9649
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H3 200 7Auwp_0qiz-afTLGLQ.woff2
freefire.ammonline.in/wp-content/fonts/muli/ 30 KB
31 KB 45ms
45ms Font
font/woff2 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/wp-content/fonts/muli/7Auwp_0qiz-afTLGLQ.woff2
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/wp-content/fonts/5d01dba1418605a8e28e98e4cee65136.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: 2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc

Request headers

Referer: https://freefire.ammonline.in/wp-content/fonts/5d01dba1418605a8e28e98e4cee65136.css
Origin: https://freefire.ammonline.in
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
last-modified: Wed, 26 Oct 2022 19:23:46 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 31196
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
freefire.ammonline.in/wp-content/fonts/roboto/ 15 KB
16 KB 80ms
80ms Font
font/woff2 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/wp-content/fonts/roboto/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/wp-content/fonts/5d01dba1418605a8e28e98e4cee65136.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Request headers

Referer: https://freefire.ammonline.in/wp-content/fonts/5d01dba1418605a8e28e98e4cee65136.css
Origin: https://freefire.ammonline.in
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
last-modified: Wed, 26 Oct 2022 19:23:47 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15860
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H3 200 fa-solid-900.woff2
freefire.ammonline.in/wp-content/themes/collective-news/assets/webfonts/ 76 KB
77 KB 88ms
88ms Font
font/woff2 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/wp-content/themes/collective-news/assets/webfonts/fa-solid-900.woff2
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/wp-content/themes/collective-news/assets/css/fontawesome.min.css?ver=1.8.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://freefire.ammonline.in/wp-content/themes/collective-news/assets/css/fontawesome.min.css?ver=1.8.0
Origin: https://freefire.ammonline.in
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
last-modified: Wed, 26 Oct 2022 19:19:38 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 78268
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H3 200 fa-regular-400.woff2
freefire.ammonline.in/wp-content/themes/collective-news/assets/webfonts/ 13 KB
13 KB 116ms
116ms Font
font/woff2 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/wp-content/themes/collective-news/assets/webfonts/fa-regular-400.woff2
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/wp-content/themes/collective-news/assets/css/fontawesome.min.css?ver=1.8.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

Request headers

Referer: https://freefire.ammonline.in/wp-content/themes/collective-news/assets/css/fontawesome.min.css?ver=1.8.0
Origin: https://freefire.ammonline.in
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
last-modified: Wed, 26 Oct 2022 19:19:39 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13224
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H3 200 loader.gif
freefire.ammonline.in/wp-content/themes/collective-news/assets/ 88 KB
88 KB 148ms
148ms Image
image/gif 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefire.ammonline.in/wp-content/themes/collective-news/assets/loader.gif
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: afbc2aaf1a512aabb64b23add647fcbbeb1864d3626f23ecddfb41d277417ccc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
last-modified: Wed, 26 Oct 2022 19:19:40 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 90247
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H3 200 FreeFire_Skin_TheStreets-1536x864-1.jpg
freefire.ammonline.in/wp-content/uploads/2022/12/ 125 KB
125 KB 109ms
108ms Image
image/jpeg 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefire.ammonline.in/wp-content/uploads/2022/12/FreeFire_Skin_TheStreets-1536x864-1.jpg
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: 970b2c0d5a67640ff89678061839b6a571b76be2ff1afc266f1e457c902ea6fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
last-modified: Fri, 30 Dec 2022 03:56:51 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 128343
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H3 200 FreeFire_Skin_GalaxyDino-1536x864-1.jpg
freefire.ammonline.in/wp-content/uploads/2022/12/ 203 KB
203 KB 146ms
146ms Image
image/jpeg 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefire.ammonline.in/wp-content/uploads/2022/12/FreeFire_Skin_GalaxyDino-1536x864-1.jpg
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: b977f134762a2eb9565c8c385664c4051366e58bbd1d3d5fbc7995e76afa5136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
last-modified: Fri, 30 Dec 2022 01:50:40 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 207474
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H3 200 wp-emoji-release.min.js Show response
freefire.ammonline.in/wp-includes/js/ 18 KB
5 KB 144ms
144ms Script
application/javascript 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freefire.ammonline.in/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
content-encoding: br
last-modified: Wed, 29 Mar 2023 21:15:44 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Thu, 29 Feb 2024 21:12:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/ 407 KB
138 KB 133ms
80ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3285865141693599&plah=freefire.ammonline.in&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3285865141693599

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bfbdd25b0a0cf2bdb65138e70e8632c4c948d9eca8cf1b3e3a739b2a921dea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141347
x-xss-protection: 0
server: cafe
etag: 3497252100184386149
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 21:12:55 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AD03 210 KB
55 KB 662ms
609ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3285865141693599&output=html&adk=1812271804&adf=3025194257&lmt=1708636375&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffreefire.ammonline.in%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708636375380&bpp=2&bdt=318&idt=226&shv=r20240221&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5681040343134&frm=20&pv=2&ga_vid=601978532.1708636376&ga_sid=1708636376&ga_hid=754359742&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081152%2C42532523%2C44795921%2C44809004%2C95322748%2C95324581%2C95325069%2C95320377%2C31080991%2C95324155%2C95324161&oid=2&pvsid=686135501654896&tmod=121358345&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=236

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3285865141693599&plah=freefire.ammonline.in&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df32cdebd4d17f51b2d20e0138535bf7ea0eabcd8dfe238b14f48ae973920170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freefire.ammonline.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 56195
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Feb 2024 21:12:56 GMT
expires: Thu, 22 Feb 2024 21:12:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=loader&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 21:12:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=loader&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 21:12:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C79D 120 KB
41 KB 1139ms
1093ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3285865141693599&output=html&h=280&slotname=2455889015&adk=1992973437&adf=1082655397&pi=t.ma~as.2455889015&w=1200&fwrn=4&fwrnh=100&lmt=1708636375&rafmt=1&format=1200x280&url=https%3A%2F%2Ffreefire.ammonline.in%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708636375382&bpp=1&bdt=320&idt=239&shv=r20240221&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5681040343134&frm=20&pv=1&ga_vid=601978532.1708636376&ga_sid=1708636376&ga_hid=754359742&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=165&ady=431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081152%2C42532523%2C44795921%2C44809004%2C95322748%2C95324581%2C95325069%2C95320377%2C31080991%2C95324155%2C95324161&oid=2&pvsid=686135501654896&tmod=121358345&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=242

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdecf186b06c21819f46ec6d692cc604da4fc37d1f52d67e45e9cefe0f71cad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freefire.ammonline.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 41418
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Feb 2024 21:12:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/ 166 KB
56 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b48b400adbd95cfd0ce19e35fed7d6303704913b22f2a0d8de01a4a461b66092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57358
x-xss-protection: 0
server: cafe
etag: 15107835892249985834
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 21:12:56 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4E85 850 B
704 B 562ms
562ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3285865141693599&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.697687507~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1708636376&rafmt=1&to=qs&pwprc=1520704538&format=1200x280&url=https%3A%2F%2Ffreefire.ammonline.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708636376357&bpp=1&bdt=1295&idt=-M&shv=r20240221&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=5681040343134&frm=20&pv=1&ga_vid=601978532.1708636376&ga_sid=1708636376&ga_hid=754359742&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081152%2C42532523%2C44795921%2C44809004%2C95322748%2C95324581%2C95325069%2C95320377%2C31080991%2C95324155%2C95324161&oid=2&pvsid=686135501654896&tmod=121358345&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43e75dcd4d9cd0498a5244a676b51f8ddbf93a83a3925e16c4a1f05aa3297f1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freefire.ammonline.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 405
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Feb 2024 21:12:56 GMT
expires: Thu, 22 Feb 2024 21:12:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3693 117 KB
41 KB 593ms
593ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3285865141693599&output=html&h=280&adk=43866455&adf=3204789416&pi=t.aa~a.50636243~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1708636376&rafmt=1&to=qs&pwprc=1520704538&format=1200x280&url=https%3A%2F%2Ffreefire.ammonline.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708636376357&bpp=1&bdt=1295&idt=-M&shv=r20240221&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=5681040343134&frm=20&pv=1&ga_vid=601978532.1708636376&ga_sid=1708636376&ga_hid=754359742&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3865&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081152%2C42532523%2C44795921%2C44809004%2C95322748%2C95324581%2C95325069%2C95320377%2C31080991%2C95324155%2C95324161&oid=2&pvsid=686135501654896&tmod=121358345&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce4a77d717c205c37a7b29583a10accef9f841d7c8bf0128a71c34f36b21ff9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freefire.ammonline.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41666
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Feb 2024 21:12:56 GMT
expires: Thu, 22 Feb 2024 21:12:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7524 850 B
707 B 481ms
481ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3285865141693599&output=html&h=280&adk=3803512932&adf=1548155025&pi=t.aa~a.1486099375~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1708636376&rafmt=1&to=qs&pwprc=1520704538&format=1200x280&url=https%3A%2F%2Ffreefire.ammonline.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708636376357&bpp=1&bdt=1295&idt=0&shv=r20240221&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=4&correlator=5681040343134&frm=20&pv=1&ga_vid=601978532.1708636376&ga_sid=1708636376&ga_hid=754359742&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081152%2C42532523%2C44795921%2C44809004%2C95322748%2C95324581%2C95325069%2C95320377%2C31080991%2C95324155%2C95324161&oid=2&pvsid=686135501654896&tmod=121358345&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c0ae6bf735036583e048832679af3ee44befca7f67434d3aeeae361efc88bb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freefire.ammonline.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 408
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Feb 2024 21:12:56 GMT
expires: Thu, 22 Feb 2024 21:12:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C44759837%2C31081152%2C42532523%2C44795921%2C44809004%2C95322748%2C95324581%2C95325069%2C95320377%2C31080991%2C95324155%2C95324161&hl=hi&pvc=686135501654896

Requested by

Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 21:12:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/ Frame 7A9D 9 KB
4 KB 24ms
24ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4d94af534c700b4cc663a664528a8578fb4f73f09df71d98f331f70ae8f101b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freefire.ammonline.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7151
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4202
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Feb 2024 19:13:45 GMT
etag: 16527497774665505917
expires: Thu, 07 Mar 2024 19:13:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 7A9D 5 KB
767 B 89ms
35ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Feb 2024 21:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 19:29:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Feb 2024 21:12:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BD9F 14 KB
2 KB 81ms
34ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Feb 2024 21:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 20:06:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Feb 2024 21:12:56 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame BD9F 2 KB
903 B 92ms
36ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 23:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 23:07:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame BD9F 23 KB
9 KB 93ms
37ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 23:05:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 23:05:34 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6DE8 143 B
166 B 25ms
25ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Feb 2024 20:44:09 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame BD9F 3 KB
1 KB 92ms
36ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 23:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 23:01:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame BD9F 20 KB
8 KB 82ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 23:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 23:01:15 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BD9F 204 KB
61 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 20:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62854
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 21:38:23 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame BD9F 36 KB
15 KB 82ms
26ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 May 2024 07:44:04 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/ Frame 7A9D 15 KB
6 KB 107ms
54ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61d8691097f35768bf7d91d6cd291fcfb2bb2cb5334ae145faf11e652e0ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 23:51:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6496
x-xss-protection: 0
server: cafe
etag: 2240975554753911238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 23:51:26 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7A9D 205 B
296 B 87ms
33ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:53:15 GMT
x-content-type-options: nosniff
age: 163181
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 19 Feb 2025 23:53:15 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7A9D 604 B
920 B 86ms
33ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 04:03:39 GMT
x-content-type-options: nosniff
age: 148157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Feb 2025 04:03:39 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/ Frame 7A9D 22 KB
9 KB 82ms
30ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce8c05a7248a3803ffc6d3a871f42b125e2358c700a59e082501d81d5c94400b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 23:51:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9139
x-xss-protection: 0
server: cafe
etag: 14231659491099539135
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 23:51:26 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6DE8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
32ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Feb 2024 21:12:56 GMT
expires: Thu, 22 Feb 2024 21:12:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Feb 2024 21:12:56 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A6D 51 KB
19 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js

Requested by

Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a797e70bc52226063fae939bcd9f69b525838d0d9a466c30ed6a9defe8bf8244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 14:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19860
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 14:08:00 GMT

GET
H2 200 5d115d22c534f80a76417856e32eef9c.js Show response
www.gstatic.com/mysidia/ Frame C79D 8 KB
4 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5d115d22c534f80a76417856e32eef9c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3285865141693599&output=html&h=280&slotname=2455889015&adk=1992973437&adf=1082655397&pi=t.ma~as.2455889015&w=1200&fwrn=4&fwrnh=100&lmt=1708636375&rafmt=1&format=1200x280&url=https%3A%2F%2Ffreefire.ammonline.in%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708636375382&bpp=1&bdt=320&idt=239&shv=r20240221&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5681040343134&frm=20&pv=1&ga_vid=601978532.1708636376&ga_sid=1708636376&ga_hid=754359742&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=165&ady=431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081152%2C42532523%2C44795921%2C44809004%2C95322748%2C95324581%2C95325069%2C95320377%2C31080991%2C95324155%2C95324161&oid=2&pvsid=686135501654896&tmod=121358345&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=242

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:59:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3749
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 01:25:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 May 2024 07:59:53 GMT

GET
H2 200 39b1936085524998ebfc7677a2ba517e.js Show response
www.gstatic.com/mysidia/ Frame C79D 10 KB
4 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39b1936085524998ebfc7677a2ba517e.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1a9b4d4a874d9284ffcbc5f13a10e05dbfc8697abedafdaa52f0b86d6e345b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:33:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4466
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 19:17:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 May 2024 07:33:08 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C79D 14 KB
1 KB 37ms
36ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Feb 2024 21:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 20:57:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Feb 2024 21:12:56 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame C79D 2 KB
822 B 30ms
29ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 23:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 23:21:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame C79D 23 KB
9 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 23:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 23:01:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame C79D 3 KB
1 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 23:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 23:21:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame C79D 20 KB
8 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 23:21:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 23:21:01 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C79D 204 KB
61 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 20:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62854
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 21:38:23 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame C79D 36 KB
15 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 May 2024 07:44:04 GMT

GET
DATA 200
OK truncated
/ Frame C79D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa9bfb3e8295537577e78f241f76648ad07dda6841731daaecb59ca62e275d0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame C79D 33 KB
34 KB 90ms
28ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 04:54:54 GMT
x-content-type-options: nosniff
age: 145082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 04:54:54 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C79D 0
0 63ms
63ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cw8k917jXZZvUM5Whid4PvJyb-Ai7jKPMdaTp6JvcEdnZHhABIJetjElglQKgAfOP-6kpyAEBqQKVQJRmhS2yPqgDAcgDywSqBI8CT9CtW-ldJJNrPFWXX-8qjelszdr5D76Zq5IUpu0wN4JmK33DtMdFdtFg4eEvCJNFpaYWlSYTOlWCW9PUTsCI6AcB2ztWh2jRD3bWLl2L9-Jc3YHFHVR_xjd-k0Qsl51F_8KJaoqUGdqCYYu0B0qkJj5KGFfRhJ2DanERYr9HuezLeCy5hQTfLSuUOOXVKdej0hbJQXCrK4p66p_faNmceOlaWXKV3yN5UKNbSUO7xWO8u-_PRXncd22UVtroHthoKOT01df5X4mhEnjNqEFSPKh-jvRY3o6IqJxnXy2cyklCGa0m5yioARYYDZLgVZNohkJQncr2F9fT3Boylt3IRxMXv4cb-PzrGwO_BbbHkMAEsri8z6AEiAXK-IvlS5IFBAgEGAGSBQQIBRgEgAfzx8uJBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcB8gcEEL2wCdIIKQiR4YBwEAEYHzIF64uAgCA6CYBAgICAgICECEi9_cE6WIqn5cHuv4QDmgmfAWh0dHBzOi8vZGUuc2hvZmFzdC5jb20vZHNyP3E9d2FyZWhvdXNlJTIwbWFuYWdlbWVudCUyMHNvZnR3YXJlJmFzaWQ9c2ZfY2g0MzUmZGU9YyZzY2xpZD0wLTI0MDE1JmdjbGlkPXtnY2xpZH0mcmFjPWJlc3QlMjB3YXJlaG91c2UlMjBtYW5hZ2VtZW50JTIwc29mdHdhcmUmYWM9MoAKAcgLAdgTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMjg1ODY1MTQxNjkzNTk5GAA&sigh=tV2goKNzWwY&uach_m=%5BUACH%5D&ase=2&cbvp=2&vis=1&nis=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3285865141693599&output=html&h=280&slotname=2455889015&adk=1992973437&adf=1082655397&pi=t.ma~as.2455889015&w=1200&fwrn=4&fwrnh=100&lmt=1708636375&rafmt=1&format=1200x280&url=https%3A%2F%2Ffreefire.ammonline.in%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708636375382&bpp=1&bdt=320&idt=239&shv=r20240221&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5681040343134&frm=20&pv=1&ga_vid=601978532.1708636376&ga_sid=1708636376&ga_hid=754359742&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=165&ady=431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081152%2C42532523%2C44795921%2C44809004%2C95322748%2C95324581%2C95325069%2C95320377%2C31080991%2C95324155%2C95324161&oid=2&pvsid=686135501654896&tmod=121358345&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=242
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 22 Feb 2024 21:12:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1618 51 KB
19 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a797e70bc52226063fae939bcd9f69b525838d0d9a466c30ed6a9defe8bf8244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 14:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19860
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 14:08:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3693 4 KB
679 B 41ms
40ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3285865141693599&output=html&h=280&adk=43866455&adf=3204789416&pi=t.aa~a.50636243~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1708636376&rafmt=1&to=qs&pwprc=1520704538&format=1200x280&url=https%3A%2F%2Ffreefire.ammonline.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708636376357&bpp=1&bdt=1295&idt=-M&shv=r20240221&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=5681040343134&frm=20&pv=1&ga_vid=601978532.1708636376&ga_sid=1708636376&ga_hid=754359742&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3865&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081152%2C42532523%2C44795921%2C44809004%2C95322748%2C95324581%2C95325069%2C95320377%2C31080991%2C95324155%2C95324161&oid=2&pvsid=686135501654896&tmod=121358345&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Feb 2024 21:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 21:00:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Feb 2024 21:12:56 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 3693 2 KB
856 B 29ms
28ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 23:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 23:07:00 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/16991933886776486446/ Frame 3693 9 KB
10 KB 29ms
29ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16991933886776486446/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

138d911f18d1cac8e9a9bfb37411ebd32ba3b66f59267c4e33e7f6adbe814cf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

expires: Wed, 19 Feb 2025 19:38:50 GMT
date: Tue, 20 Feb 2024 19:38:50 GMT
x-content-type-options: nosniff
age: 178446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9585
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 14:21:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 7555237140520559535
tpc.googlesyndication.com/simgad/ Frame 3693 974 B
1 KB 33ms
33ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7555237140520559535?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

689b906e6cda19dd2560b87f5545a7375e4a36b30bade2c31fc8d78f9fbf8b9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

expires: Thu, 20 Feb 2025 15:19:43 GMT
date: Wed, 21 Feb 2024 15:19:43 GMT
x-content-type-options: nosniff
age: 107593
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 974
x-xss-protection: 0
last-modified: Tue, 24 May 2022 15:28:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 3693 23 KB
9 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 23:05:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 23:05:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 3693 3 KB
1 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 23:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 23:01:15 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F951 1 KB
643 B 35ms
34ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Feb 2024 07:15:15 GMT
etag: 48472445140208031
expires: Fri, 23 Feb 2024 07:15:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 3693 20 KB
8 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 23:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 23:01:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3693 0
0 38ms
37ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3WQk34S8MbdI5c6J1IBufnUibY0S7SBCUy2aG7_AAzrbhxnXFr8AvVEt4rQSYV0A96OG9twIGiEQEspeya6TLhWi5og
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3285865141693599&output=html&h=280&adk=43866455&adf=3204789416&pi=t.aa~a.50636243~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1708636376&rafmt=1&to=qs&pwprc=1520704538&format=1200x280&url=https%3A%2F%2Ffreefire.ammonline.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708636376357&bpp=1&bdt=1295&idt=-M&shv=r20240221&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=5681040343134&frm=20&pv=1&ga_vid=601978532.1708636376&ga_sid=1708636376&ga_hid=754359742&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3865&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081152%2C42532523%2C44795921%2C44809004%2C95322748%2C95324581%2C95325069%2C95320377%2C31080991%2C95324155%2C95324161&oid=2&pvsid=686135501654896&tmod=121358345&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3693 204 KB
61 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 20:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62854
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 21:38:23 GMT

GET
H3 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 3693 36 KB
15 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 May 2024 07:44:04 GMT

GET
DATA 200
OK truncated
/ Frame 3693 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de22e9868b7913f2f6c015f3eef17a0c90cac089718a2de4913f8307bb2dea8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame F951 35 B
463 B 82ms
28ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMiI2Wm1HCyljFT6jcYXIs4&google_cver=1&google_push=AXcoOmS7Q3oPmCN1z7Gqs310-lPx0TlXiyMb2zzX87b_JH4XStFbxTDgMZv95kfRvkqAKaXjEP-AJNgNCTR81rdfdMwvxxBSLZv3nrez

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 21:12:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame F951 43 B
235 B 140ms
40ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEoPyieX-CbO7i9XgTpoCOs&google_cver=1&google_push=AXcoOmT_UyWVdGPCBYJmE9T_04TOiYRukfbktNi3AaBociAkJemZpegws0-CSur2FDNnCG4X_QOGo2KoUayYByF7SGrb7s5SFnLSNG6q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3285865141693599&output=html&h=280&adk=43866455&adf=3204789416&pi=t.aa~a.50636243~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1708636376&rafmt=1&to=qs&pwprc=1520704538&format=1200x280&url=https%3A%2F%2Ffreefire.ammonline.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708636376357&bpp=1&bdt=1295&idt=-M&shv=r20240221&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=5681040343134&frm=20&pv=1&ga_vid=601978532.1708636376&ga_sid=1708636376&ga_hid=754359742&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3865&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081152%2C42532523%2C44795921%2C44809004%2C95322748%2C95324581%2C95325069%2C95320377%2C31080991%2C95324155%2C95324161&oid=2&pvsid=686135501654896&tmod=121358345&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 21:12:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F951
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOB3eZEFW8PD69tSC3j5Y14&google_cver=1&google_push=AXcoOmTecPoH_UvD8gJ1rdFHnYMK7CLqseDM4uO7mfBNDCUOw2eu_4y4OoT0bsbv9QAkG7dp9Gaqj2n_n9ZP01LtUIgdsyT...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTecPoH_UvD8gJ1rdFHnYMK7CLqseDM4uO7mfBNDCUOw2eu_4y4OoT0bsbv9QAkG7dp9Gaqj2n_n9ZP01LtUIgdsyTPpTSNVBiW&google_hm=eS1nOGs2Njc5RTJwSF...

170 B
329 B

43ms
43ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTecPoH_UvD8gJ1rdFHnYMK7CLqseDM4uO7mfBNDCUOw2eu_4y4OoT0bsbv9QAkG7dp9Gaqj2n_n9ZP01LtUIgdsyTPpTSNVBiW&google_hm=eS1nOGs2Njc5RTJwSFdOS2oyNFQyTWxyYm5SX3dkMVMxOX5B

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 21:12:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 22 Feb 2024 21:12:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTecPoH_UvD8gJ1rdFHnYMK7CLqseDM4uO7mfBNDCUOw2eu_4y4OoT0bsbv9QAkG7dp9Gaqj2n_n9ZP01LtUIgdsyTPpTSNVBiW&google_hm=eS1nOGs2Njc5RTJwSFdOS2oyNFQyTWxyYm5SX3dkMVMxOX5B
content-length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame F951 43 B
235 B 140ms
41ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEEoPyieX-CbO7i9XgTpoCOs&google_cver=1&google_push=AXcoOmRETj1LvXq93nP5eJMBkRHt4tz9dEMuV24RIgXdfYPW5DTvXQmyLOmQUD6iAJiDUjQMkmF3CU_sRdw3ofdGAsQD-wTk72nd1bQ0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3285865141693599&output=html&h=280&adk=43866455&adf=3204789416&pi=t.aa~a.50636243~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1708636376&rafmt=1&to=qs&pwprc=1520704538&format=1200x280&url=https%3A%2F%2Ffreefire.ammonline.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708636376357&bpp=1&bdt=1295&idt=-M&shv=r20240221&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=5681040343134&frm=20&pv=1&ga_vid=601978532.1708636376&ga_sid=1708636376&ga_hid=754359742&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3865&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081152%2C42532523%2C44795921%2C44809004%2C95322748%2C95324581%2C95325069%2C95320377%2C31080991%2C95324155%2C95324161&oid=2&pvsid=686135501654896&tmod=121358345&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 21:12:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame F951 43 B
363 B 121ms
35ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQHNUHwoWhqoPMjeOz4PJSmeUvrwKGvLtHw5KtGlNl70O69EhMN3EJPk4C4_zInawamCK_hEmOGEG-6yu_p_9FFBysAoTFNNd-p&google_gid=CAESEJL6lvZ-V7A1LvW9PwMR09M&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 21:12:56 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 196027
expires: Thu, 22 Feb 2024 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F951
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ1ucQ1-Ci4khGAqjQUX-bA&google_cver=1&google_push=AXcoOmTI_2dTL-SB5hdGhjTSL4kwRgZwhYLMpq20Fr8MR5uQsry8GnoAgVD29uT-XwuPg_WfL_2x9fFq...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJ1ucQ1-Ci4khGAqjQUX-bA&google_cver=1&google_push=AXcoOmTI_2dTL-SB5hdGhjTSL4kwRgZwhYLMpq20Fr8MR5uQsry8GnoAgVD29uT-XwuPg_WfL_2...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE3ODIwMTA0MjYwMTYxMzUzMA&google_push=AXcoOmTI_2dTL-SB5hdGhjTSL4kwRgZwhYLMpq20Fr8MR5uQsry8GnoAgVD29uT-XwuPg_WfL_2x9f...

170 B
232 B

44ms
44ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE3ODIwMTA0MjYwMTYxMzUzMA&google_push=AXcoOmTI_2dTL-SB5hdGhjTSL4kwRgZwhYLMpq20Fr8MR5uQsry8GnoAgVD29uT-XwuPg_WfL_2x9fFqk5d-9fzjMKY-oiVr41WwS3Zu

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 21:12:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Feb 2024 21:12:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE3ODIwMTA0MjYwMTYxMzUzMA&google_push=AXcoOmTI_2dTL-SB5hdGhjTSL4kwRgZwhYLMpq20Fr8MR5uQsry8GnoAgVD29uT-XwuPg_WfL_2x9fFqk5d-9fzjMKY-oiVr41WwS3Zu
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

cm
cm.creativecdn.com/adx/ Frame F951
Redirect Chain

https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEPb4YqGB_-l3fo_X7ncTAxo&google_cver=1&google_push=AXcoOmRHR_s_iI0rooYsomNAUc5ALv5SMnCJnsIqnHeuTIsmsAENexh6rHEZ8nC7YiwrSQbQevDt5S1GJ43kZAojR...
https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEPb4YqGB_-l3fo_X7ncTAxo&google_cver=1&google_push=AXcoOmRHR_s_iI0rooYsomNAUc5ALv5SMnCJnsIqnHeuTIsmsAENexh6rHEZ8nC7YiwrSQbQevDt5S1GJ43kZAojR...
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=ekOQsoibuxRBsf3zYxfaR-RDaP_miwjqqG6BhCfW-7A&pi=adx&pi=adxab&google_gid=CAESEPb4YqGB_-l3fo_X7ncTAxo&google_cver=1...
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&pi=adxab&tc=1&google_error=5

42 B
260 B

75ms
45ms

Image
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.creativecdn.com/adx/cm?v=2&pi=adx&pi=adxab&tc=1&google_error=5
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 22 Feb 2024 21:12:57 GMT, Thu, 22 Feb 2024 21:12:57 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Feb 2024 21:12:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.creativecdn.com/adx/cm?v=2&pi=adx&pi=adxab&tc=1&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 286
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F951 0
130 B 124ms
35ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lnaxn6n6YR7cD310GzavSws95pF3hRV0AkI75jimCG8CU_cbm0TkIVogvHNGG2k8k01hf-aA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3693 16 KB
16 KB 26ms
26ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:46:32 GMT
x-content-type-options: nosniff
age: 134785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:46:32 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3693 15 KB
15 KB 32ms
32ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:34:45 GMT
x-content-type-options: nosniff
age: 135492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:34:45 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 3693
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C5rrr2LjXZcyzIOCAid4Pu7i9mAaqsJHmdOu9qaPBEaTn8u2VAhABIJetjElglQKgAav43-0CyAEJqQKVQJRmhS2yPqgDAcgDywSqBIUCT9CVG1A-yG4wNLdzf1z63TJq265xZUQXKbWNcQj...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215960096919549532743%22,%22debug_reporting%22:true,%22destination%22:%22https://stackit.de%22,%22event_report_window%22:%2...

0
0

150ms
69ms

Fetch
text/css

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215960096919549532743%22,%22debug_reporting%22:true,%22destination%22:%22https://stackit.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22767032363%22],%2222%22:[%22true%22],%224%22:[%2202-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224327332357768964737%22}&andc=true

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:57 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15960096919549532743","debug_reporting":true,"destination":"https://stackit.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["767032363"],"22":["true"],"4":["02-22"],"6":["true"]},"priority":"500","source_event_id":"4327332357768964737"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 22 Feb 2024 21:12:57 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 22 Feb 2024 21:12:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15960096919549532743","debug_reporting":true,"destination":"https://stackit.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["767032363"],"22":["true"],"4":["02-22"],"6":["true"]},"priority":"500","source_event_id":"4327332357768964737"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 73ms
73ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240221&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0702e1924cb5d493b8182a68cf3a74efef1c425a4a2bf94e13b46a6352372810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12394
x-xss-protection: 0

GET
H3 200 p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 899C 51 KB
19 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/p5fnC8UiJgY_rpObzZ9ptSWDjQ2aRmww7Wqd7-i_gkQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a797e70bc52226063fae939bcd9f69b525838d0d9a466c30ed6a9defe8bf8244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 14:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19860
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 14:08:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 135ms
67ms Preflight
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 22 Feb 2024 21:12:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 21:12:57 GMT

GET
H3 200 FreeFire_Skin_GalaxyDino-1536x864-1.jpg
freefire.ammonline.in/wp-content/uploads/2022/12/ 203 KB
203 KB 37ms
37ms Image
image/jpeg 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefire.ammonline.in/wp-content/uploads/2022/12/FreeFire_Skin_GalaxyDino-1536x864-1.jpg
Requested by: Host: freefire.ammonline.in
URL: https://freefire.ammonline.in/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.12.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: b977f134762a2eb9565c8c385664c4051366e58bbd1d3d5fbc7995e76afa5136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:57 GMT
last-modified: Fri, 30 Dec 2022 01:50:40 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 207474
expires: Thu, 29 Feb 2024 21:12:57 GMT

GET
H3 200 indian-bike-game-1200x568-1.jpeg
freefire.ammonline.in/wp-content/uploads/2022/11/ 125 KB
125 KB 42ms
42ms Image
image/jpeg 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefire.ammonline.in/wp-content/uploads/2022/11/indian-bike-game-1200x568-1.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: daad8f5ecfd20644959be30d8aa8f66d15a882eed6b494738132a54ee60a9e95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:57 GMT
last-modified: Wed, 30 Nov 2022 11:07:58 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 127509
expires: Thu, 29 Feb 2024 21:12:57 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3817 13 KB
5 KB 27ms
27ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freefire.ammonline.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20074
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Feb 2024 15:38:23 GMT
expires: Fri, 21 Feb 2025 15:38:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A724 829 B
559 B 36ms
36ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cb19a62d49b6bcd27c26cdb9ef2b9180cf0e984eb1db6e1053aada5e28cef45b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NabzhFCxMp-eMjOl1HuTWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freefire.ammonline.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-NabzhFCxMp-eMjOl1HuTWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 22 Feb 2024 21:12:57 GMT
expires: Thu, 22 Feb 2024 21:12:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3817 39 KB
15 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 15:38:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15302
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Feb 2025 15:38:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A724 0
0 59ms
59ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240221&jk=686135501654896&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3817 0
10 B 31ms
31ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XGHA0g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 Government-ban-application-2023.png
freefire.ammonline.in/wp-content/uploads/2023/02/ 648 KB
648 KB 46ms
46ms Image
image/png 148.251.153.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefire.ammonline.in/wp-content/uploads/2023/02/Government-ban-application-2023.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 148.251.153.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server541.iseencloud.net
Software: LiteSpeed /
Resource Hash: 54f9ba8d3f7c040a00b17e38b94747e475a369d65366d1231cda036a59fd33d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:12:57 GMT
last-modified: Wed, 08 Feb 2023 06:21:12 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 663425
expires: Thu, 29 Feb 2024 21:12:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240221&jk=686135501654896&bg=!UVKlUh3NAAZ3BdUuVwU7ADQBe5WfOBd6BnpH_MH89x5H114DWVtyu8Iebx2nnCQuYlqgPxOLeTaGkYvQHQFUUoGIrC2FAgAAACxSAAAAAmgBB5kDBkepRX8l5LDBfg-uHRct2FWHuS3HbWJp8mnr1DH9E6A-eMiRQD0QpZRVfKpSAYJrYdY_PfutYZ9Bn1mPDOE6mb6aq6PNRpb5Fz92eV7EImoLnWdvpTDiURbOstl-xyvrnZMLn-99Bv28WeqjphEcyECQRXyrbO3MNej7_Nr8CBJV0Zj_Ev05-PAN-k21IK5OKaGcPBrf_0PRH7XkNi-MBPIKF985fiuCfoTDoYK5kjMeJxlFZHq99_OqwNoJanNL2y9JxOhRG5XTEGQUSmy777wbuMNT-ssyPm1Pk7qwaO_TKlVU55v0_3R-swUepK6qXRzNZw9TIGNle4HrDrsYfXx9a52Bcdb7NdTdzTD3K5LY-OOxaHJoQpcBjnW1J_WiHhWvlU5RreYq9QyMb2pNAGdcP8FVuZT7felPa9CWMLJKZDzY2damD5SChFYP5AN2L6kg8L9JrBRHFr5QHWHGEytngnTzm7PaX5MAdh4ovCN_MSdtvvHiHSAGI8cXuaGgNh_BqwrB6gpOaww4dMp7B_A7O03D5lh-OW1PlgfZ5dVPMTz783iKuIZTW2ncHd7fne80b_CovRYJsoVbbrJe_PRURRRNFD2Dx724AoHqSG5IrQzixqQNZO9UMLqOcnDUwmu1Xi72sISxxWekXMU8YGUeD1BxwKgdICwl1uGQ8Zoz5Z3MwbTIcgXWszzb_5351QmgaOAvALQhCLyhkJiTOodNsGKDkrkYZohNG24cSnoXuMQvR0Z9vdGaZd0AWuaO7hRcVwZFxcnVg3HDiwhnysNKryOHsnkBSpp5LCwATjYThIGfBFGF9dramw3X4HlHzdfCYVYOgWr_cjaTDLLQft_OzYnlTHV7qeh9dXq9MnU1DBxk9C1m9s-kvBDIQYzrCC9O7c7iEXWQZasMAA3BkcsCVjyGQMFJK0FB06ZC34ljSSYMaTV1PlYvOkfwJRXQDz0uE3xrVsg2Cg6NejW4c85L7vnWKDAvRsxtU5Ao78vUV-wbiCpdiyKkba46DORcmGuxZGc8wA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freefire.ammonline.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C79D 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssHyT8vSrUtTfE-Lf9lEa8Wzx4yiq_Tcq9PB50zwDCAxVemITriR1ZbM61ut7lmjHxO9QF-VM3gSvFuprILZIIU_DAdar-HrA3gZq9N68WVc3zdojruovwEYSEYfICQ43ESRLM78cAiiCACZRCo5JBRNvMDuoz9AOzkFbq2g&sig=Cg0ArKJSzNGYdIwVVQcyEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240220&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1992973437&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=456917600&rst=1708636375625&rpt=1234&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 21:12:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ammonline.in/	1970-01-21 03:58:52	Name: __gads Value: ID=9912a697bb653c1e:T=1708636375:RT=1708636375:S=ALNI_MZMxHWm9F4NBG1qHAhpXgyJvnW8zQ
.ammonline.in/	1970-01-21 03:58:52	Name: __gpi Value: UID=00000d5f53b0938c:T=1708636375:RT=1708636375:S=ALNI_MYpeE0ramtHSUmpTDJcBIr5BT41cA
.ammonline.in/	1970-01-20 22:56:28	Name: __eoi Value: ID=f75853a6978c4b31:T=1708636375:RT=1708636375:S=AA-AfjYWw7-ABSTeZFzfC9HGPp8U
.doubleclick.net/	1970-01-20 18:37:19	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 03:58:52	Name: IDE Value: AHWqTUkosN2pu_K4qaNCf8xD-MXqBV672kr2zn7q4nMHWcQwr7Hzaf0h8bkKqPSUkEo
.quantserve.com/	1970-01-20 20:46:52	Name: d Value: ECkBCQGaK4EA
.quantserve.com/	1970-01-21 04:07:30	Name: mc Value: 65d7b8d9-18170-74a9c-fe5ba
.adform.net/	1970-01-20 19:19:01	Name: C Value: 1
.creativecdn.com/	1970-01-21 03:22:52	Name: g Value: YoK3K56ITP4fmXsvh8QS_1708636377154
.creativecdn.com/	1970-01-21 03:22:52	Name: ts Value: 1708636377
.yahoo.com/	1970-01-21 03:23:13	Name: A3 Value: d=AQABBNm412UCEG0UZ22cMdqoRZEevVNkN1QFEgEBAQEK2WXhZQAAAAAA_eMAAA&S=AQAAAmAimFGVO-dcEOJDO3Z7O0Y
.adform.net/	1970-01-20 20:03:40	Name: uid Value: 4178201042601613530
.googleadservices.com/	1970-01-20 20:46:52	Name: ar_debug Value: 1

36 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freefire.ammonline.in/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c1.adform.net
cm.creativecdn.com
cm.g.doubleclick.net
cms.quantserve.com
creativecdn.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
freefire.ammonline.in
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.gstatic.com
x.bidswitch.net
142.250.181.226
142.250.185.194
148.251.153.114
178.250.1.9
185.184.8.90
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a05:d018:d29:3602:f2e:e7e1:e949:d33b
35.214.149.91
37.157.6.237
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
0702e1924cb5d493b8182a68cf3a74efef1c425a4a2bf94e13b46a6352372810
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
138d911f18d1cac8e9a9bfb37411ebd32ba3b66f59267c4e33e7f6adbe814cf3
167f43e4e455b0d188fe18268463efd5cb09a03e7980f2b2ebe7acbfe6e2068b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
20da84c2e78605471493256c265aa2a0507d6a6556028327f10d0b1a3ed09bbe
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3bfbdd25b0a0cf2bdb65138e70e8632c4c948d9eca8cf1b3e3a739b2a921dea6
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
43e75dcd4d9cd0498a5244a676b51f8ddbf93a83a3925e16c4a1f05aa3297f1b
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4
4b61d8691097f35768bf7d91d6cd291fcfb2bb2cb5334ae145faf11e652e0ef6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f9ba8d3f7c040a00b17e38b94747e475a369d65366d1231cda036a59fd33d5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
689b906e6cda19dd2560b87f5545a7375e4a36b30bade2c31fc8d78f9fbf8b9e
80e7df40706b98af0642339f97f7729d5d098614c9d94fbec96bb44dc4dc8f91
831b9054fc3204290e086ab1fc1e447a23de2fa6b34c284916e54ad176e066f7
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
8c0ae6bf735036583e048832679af3ee44befca7f67434d3aeeae361efc88bb3
970b2c0d5a67640ff89678061839b6a571b76be2ff1afc266f1e457c902ea6fe
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a49c85ae2db19ca7ad2bd54a706a632f8c9534c609acee3388f116df3bc53d
a1f50102d9602421b3c30d1ec91165a040af289e61598394ba135a2028014a16
a4d94af534c700b4cc663a664528a8578fb4f73f09df71d98f331f70ae8f101b
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a797e70bc52226063fae939bcd9f69b525838d0d9a466c30ed6a9defe8bf8244
aa690a627d2a30d05c34abf707d561c00f898a24258454688f6c65ac7fabe049
aa9bfb3e8295537577e78f241f76648ad07dda6841731daaecb59ca62e275d0c
af8e228d0e1f26bdccc4cc9f575c7c028e752775568623eb3a48c974dcd46a20
afbc2aaf1a512aabb64b23add647fcbbeb1864d3626f23ecddfb41d277417ccc
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1a9b4d4a874d9284ffcbc5f13a10e05dbfc8697abedafdaa52f0b86d6e345b9
b48b400adbd95cfd0ce19e35fed7d6303704913b22f2a0d8de01a4a461b66092
b5e38de32d149f2263d86a25f0db6e63418e296f5c42f004f1ad157b5062db96
b977f134762a2eb9565c8c385664c4051366e58bbd1d3d5fbc7995e76afa5136
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdc304fb0d3de14d2a6f75885e3ed939cdf63cfe8b55769d8e53a7658eb72284
bdecf186b06c21819f46ec6d692cc604da4fc37d1f52d67e45e9cefe0f71cad2
beaa4e20abc3a3d0d09715c0edf0670624a39512cbb2f52d85d7faf295f9c2b3
caf46c90f4c85259ea326f121c4ae6d20e113f9efeb9756dabe4f8b374d087d1
cb19a62d49b6bcd27c26cdb9ef2b9180cf0e984eb1db6e1053aada5e28cef45b
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce4a77d717c205c37a7b29583a10accef9f841d7c8bf0128a71c34f36b21ff9f
ce8c05a7248a3803ffc6d3a871f42b125e2358c700a59e082501d81d5c94400b
daad8f5ecfd20644959be30d8aa8f66d15a882eed6b494738132a54ee60a9e95
dbaf719b79ad5dc5eeb08a4b32bdf1efc8645a980bfabb9120007fc00fe890bc
de22e9868b7913f2f6c015f3eef17a0c90cac089718a2de4913f8307bb2dea8d
df32cdebd4d17f51b2d20e0138535bf7ea0eabcd8dfe238b14f48ae973920170
df4c28cc9cbaea711348a4efeb70f3bed5d72535e43f41b2a4ab11ac6de17941
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41a7f04a7ee5039f882bc018d3f8123784cb1e6039be786e139a8df36d55621
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb2f873ab97c1e53286bdf23b5b28d17c38ba9e8f6a58d4d30f82a72a3c36046
fdb4dc37905969400d132343ac4e12473c8b0620dc724c8c5e444d946e4ab38d

freefire.ammonline.in Open in urlscan Pro 148.251.153.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

104 Requests

95 %HTTPS

56 %IPv6

13 Domains

17 Subdomains

15 IPs

6 Countries

2930 kBTransfer

4964 kBSize

13 Cookies

1 Outgoing links

Page URL History

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

freefire.ammonline.in Open in urlscan Pro
148.251.153.114 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

95 %
HTTPS

56 %
IPv6

13
Domains

17
Subdomains

15
IPs

6
Countries

2930 kB
Transfer

4964 kB
Size

13
Cookies

104 HTTP transactions
3 data transactions