freefirebrr.online Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://freefirebrr.online/
Effective URL:
https://freefirebrr.online/
Submission: On July 24 via manual (July 24th 2022, 1:19:52 am UTC) from IN — Scanned from NL

Summary HTTP 225 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 60 IPs in 8 countries across 51 domains to perform 225 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is freefirebrr.online.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 27th 2022. Valid for: a year.

This is the only time freefirebrr.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 31	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
13	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
7	186.192.91.9 186.192.91.9	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1	2.16.91.19 2.16.91.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
3	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	18.200.85.0 18.200.85.0	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6816:15d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.156.253.167 108.156.253.167	16509 (AMAZON-02) (AMAZON-02)
3	141.95.98.67 141.95.98.67	16276 (OVH) (OVH)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2606:4700:10:... 2606:4700:10::ac43:1997	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223c:1c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2 11	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
3 5	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	34.249.212.46 34.249.212.46	16509 (AMAZON-02) (AMAZON-02)
1 1	18.156.126.13 18.156.126.13	16509 (AMAZON-02) (AMAZON-02)
1 1	52.211.1.14 52.211.1.14	16509 (AMAZON-02) (AMAZON-02)
3	52.49.3.229 52.49.3.229	16509 (AMAZON-02) (AMAZON-02)
1	54.217.253.87 54.217.253.87	16509 (AMAZON-02) (AMAZON-02)
1	35.158.200.114 35.158.200.114	16509 (AMAZON-02) (AMAZON-02)
1	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	2602:803:c004... 2602:803:c004:200::141	26667 (RUBICONPR...) (RUBICONPROJECT)
7	52.59.116.64 52.59.116.64	16509 (AMAZON-02) (AMAZON-02)
1 18	172.67.10.198 172.67.10.198	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	54.154.103.240 54.154.103.240	16509 (AMAZON-02) (AMAZON-02)
2	64.202.112.127 64.202.112.127	23352 (SERVERCEN...) (SERVERCENTRAL)
1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	185.86.137.110 185.86.137.110	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
4	185.86.137.17 185.86.137.17	201081 (SMARTADSE...) (SMARTADSERVER)
2	104.90.104.226 104.90.104.226	16625 (AKAMAI-AS) (AKAMAI-AS)
7	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
4	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
14	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	104.92.74.8 104.92.74.8	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2.16.238.158 2.16.238.158	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 3	52.95.122.74 52.95.122.74	16509 (AMAZON-02) (AMAZON-02)
2 5	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
5 5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:8fa7:badd:b745:6d42	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:37ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
225	60

31 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

freefirebrr.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 186.192.91.9 (Niterói, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-9.prt.globo.com

s2.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.91.19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-91-19.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.85.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-85-0.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:15d (United States)

ASN13335 (CLOUDFLARENET, US)

boot.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
intake.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.253.167 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-253-167.dus51.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:1997 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
intake.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:1c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.252.173.22 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.212.46 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-212-46.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.126.13 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-126-13.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.1.14 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-1-14.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.49.3.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-3-229.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.217.253.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-253-87.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.200.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-200-114.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.249.52.249 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.59.116.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-116-64.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.67.10.198 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csync.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.154.103.240 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-103-240.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.127 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1h.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.137.110 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.250 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.90.104.226 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-104-226.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.238.158 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-158.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.122.74 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.128.147 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:8fa7:badd:b745:6d42 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	freefirebrr.online 1 redirects freefirebrr.online	247 KB
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	546 KB
24	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 234 secure.adnxs.com — Cisco Umbrella Rank: 430 cdn.adnxs.com — Cisco Umbrella Rank: 1318 fra1-ib.adnxs.com — Cisco Umbrella Rank: 6923 acdn.adnxs.com — Cisco Umbrella Rank: 566	190 KB
19	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	94 KB
18	smilewanted.com 1 redirects prebid.smilewanted.com — Cisco Umbrella Rank: 6181 csync.smilewanted.com — Cisco Umbrella Rank: 4954 static.smilewanted.com — Cisco Umbrella Rank: 10367	18 KB
13	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 516 eus.rubiconproject.com — Cisco Umbrella Rank: 598 pixel.rubiconproject.com — Cisco Umbrella Rank: 333 token.rubiconproject.com — Cisco Umbrella Rank: 703	17 KB
13	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 26698	213 KB
7	smartadserver.com 2 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1510 ww1097.smartadserver.com — Cisco Umbrella Rank: 25936	3 KB
7	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1326	806 B
7	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 1792 mwzeom.zeotap.com — Cisco Umbrella Rank: 1448	22 KB
7	glbimg.com s2.glbimg.com — Cisco Umbrella Rank: 51722	484 KB
6	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1294 s.amazon-adsystem.com — Cisco Umbrella Rank: 287	5 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 96 www.google.com — Cisco Umbrella Rank: 10	1 KB
6	pbstck.com boot.pbstck.com — Cisco Umbrella Rank: 9117 cdn.pbstck.com — Cisco Umbrella Rank: 10428 intake.pbstck.com — Cisco Umbrella Rank: 9202	53 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 397 mug.criteo.com — Cisco Umbrella Rank: 2751	2 KB
4	cpx.to p.cpx.to — Cisco Umbrella Rank: 9264 s.cpx.to — Cisco Umbrella Rank: 2265	5 KB
4	tmyzer.com c.tmyzer.com — Cisco Umbrella Rank: 25176	1 KB
3	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 875 ads.pubmatic.com — Cisco Umbrella Rank: 485 image6.pubmatic.com — Cisco Umbrella Rank: 634	6 KB
3	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 650 ice.360yield.com — Cisco Umbrella Rank: 1794	815 B
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 546	2 KB
3	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 811	365 B
3	gstatic.com fonts.gstatic.com	47 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72 ajax.googleapis.com — Cisco Umbrella Rank: 303	34 KB
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 508	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 460	2 KB
2	connectad.io cdn.connectad.io — Cisco Umbrella Rank: 4184 sync-eu.connectad.io — Cisco Umbrella Rank: 3163	897 B
2	yahoo.com 1 redirects ads.yahoo.com — Cisco Umbrella Rank: 1462 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 473	1 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 632	727 B
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1373	15 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	85 KB
2	zemanta.com b1h.zemanta.com — Cisco Umbrella Rank: 3990	251 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 635 eb2.3lift.com — Cisco Umbrella Rank: 400	649 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 186	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 362	529 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 991 pixel.quantserve.com — Cisco Umbrella Rank: 452	10 KB
2	leadplace.fr tag.leadplace.fr — Cisco Umbrella Rank: 28140	6 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 371	707 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 633	650 B
1	adnxs-simple.com acdn.adnxs-simple.com — Cisco Umbrella Rank: 2620	42 KB
1	4dex.io mp.4dex.io — Cisco Umbrella Rank: 3696	600 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1317	278 B
1	e-planning.net pbjs.e-planning.net — Cisco Umbrella Rank: 7426	160 B
1	adleadevent.com adtrack.adleadevent.com — Cisco Umbrella Rank: 28868	529 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 37983	202 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 447	529 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 942	1 KB
1	google.nl adservice.google.nl — Cisco Umbrella Rank: 13234	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 873	647 B
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 5467	31 KB
0	sddan.com Failed kvt.sddan.com Failed
225	51

	Domain	Requested by
31	freefirebrr.online	1 redirects freefirebrr.online
14	tpc.googlesyndication.com	freefirebrr.online googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com ads.themoneytizer.com googleads.g.doubleclick.net freefirebrr.online
13	ads.themoneytizer.com	freefirebrr.online ads.themoneytizer.com
11	ib.adnxs.com	2 redirects ads.themoneytizer.com acdn.adnxs.com csync.smilewanted.com
11	pagead2.googlesyndication.com	freefirebrr.online pagead2.googlesyndication.com ads.themoneytizer.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
9	csync.smilewanted.com	1 redirects ads.themoneytizer.com csync.smilewanted.com
8	prebid.smilewanted.com	ads.themoneytizer.com
7	fra1-ib.adnxs.com	ads.themoneytizer.com freefirebrr.online cdn.adnxs.com acdn.adnxs-simple.com
7	btlr.sharethrough.com	ads.themoneytizer.com
7	s2.glbimg.com	freefirebrr.online
5	token.rubiconproject.com	5 redirects
5	pixel.rubiconproject.com	2 redirects csync.smilewanted.com
5	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	cm.g.doubleclick.net	3 redirects
5	mwzeom.zeotap.com	freefirebrr.online
4	intake.pbstck.com	freefirebrr.online
4	ww1097.smartadserver.com	ced.sascdn.com
4	c.tmyzer.com	ads.themoneytizer.com
3	s.amazon-adsystem.com	2 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	acdn.adnxs.com	freefirebrr.online ads.themoneytizer.com
3	sync.smartadserver.com	2 redirects freefirebrr.online
3	s.cpx.to	p.cpx.to freefirebrr.online
3	id5-sync.com	freefirebrr.online ads.themoneytizer.com ced.sascdn.com
3	onetag-sys.com	ads.themoneytizer.com
3	gum.criteo.com	1 redirects ads.themoneytizer.com
3	fonts.gstatic.com	fonts.googleapis.com
2	sync.search.spotxchange.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	ice.360yield.com	2 redirects
2	creativecdn.com	2 redirects
2	eus.rubiconproject.com	ads.themoneytizer.com eus.rubiconproject.com
2	i.clean.gg	acdn.adnxs-simple.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	cdn.adnxs.com	ads.themoneytizer.com
2	b1h.zemanta.com	ads.themoneytizer.com
2	dpm.demdex.net	2 redirects
2	match.adsrvr.org	freefirebrr.online
2	mug.criteo.com	freefirebrr.online
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	spl.zeotap.com	ads.themoneytizer.com spl.zeotap.com
2	fonts.googleapis.com	freefirebrr.online
1	image6.pubmatic.com	ads.pubmatic.com
1	ads.pubmatic.com	csync.smilewanted.com
1	sync-eu.connectad.io	cdn.connectad.io
1	cdn.connectad.io	csync.smilewanted.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com
1	ads.yahoo.com
1	ads.stickyadstv.com	1 redirects
1	static.smilewanted.com	csync.smilewanted.com
1	eb2.3lift.com	ads.themoneytizer.com
1	acdn.adnxs-simple.com	ads.themoneytizer.com
1	secure.adnxs.com	1 redirects
1	image2.pubmatic.com	freefirebrr.online
1	mp.4dex.io	ads.themoneytizer.com
1	prebid.a-mo.net	ads.themoneytizer.com
1	ad.360yield.com	ads.themoneytizer.com
1	fastlane.rubiconproject.com	ads.themoneytizer.com
1	pbjs.e-planning.net	ads.themoneytizer.com
1	tlx.3lift.com	ads.themoneytizer.com
1	adtrack.adleadevent.com	ajax.googleapis.com
1	pixel.quantserve.com	freefirebrr.online
1	obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	1 redirects
1	aa.agkn.com	1 redirects
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	rules.quantcount.com	secure.quantserve.com
1	cdn.pbstck.com	boot.pbstck.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.nl	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	boot.pbstck.com	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	ced.sascdn.com	ads.themoneytizer.com
0	kvt.sddan.com Failed	ads.themoneytizer.com
225	78

This site contains links to these domains. Also see Links.

Domain
mysterythemes.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-27` - `2023-06-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
1266287590.rsc.cdn77.org R3	`2022-05-24` - `2022-08-22`	3 months	crt.sh
*.glbimg.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-05-29` - `2023-05-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
c.tmyzer.com R3	`2022-05-30` - `2022-08-28`	3 months	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2021-09-13` - `2022-09-13`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2021-09-12` - `2022-09-12`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-13` - `2023-01-13`	a year	crt.sh
pbstck.com Cloudflare Inc ECC CA-3	`2022-07-04` - `2023-07-04`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-01-17`	a year	crt.sh
adtrack.adleadevent.com Amazon	`2022-06-13` - `2023-07-12`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.e-planning.net R3	`2022-05-17` - `2022-08-15`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.360yield.com Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
*.zemanta.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-29` - `2022-08-29`	a year	crt.sh
*.a-mo.net R3	`2022-07-04` - `2022-10-02`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2022-06-10` - `2022-09-08`	3 months	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2022-04-15` - `2023-04-15`	a year	crt.sh

This page contains 34 frames:

Primary Page: https://freefirebrr.online/
Frame ID: 749419D0AFFFD2F233A9C733A27A19CD
Requests: 132 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/zrt_lookup.html
Frame ID: 72B433FAC83BB6ED94809760033A680B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1658625584734
Frame ID: F5B80848ABE4324D0F18481EA42897DF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3017618482282886&output=html&adk=1812271804&adf=3025194257&lmt=1658625584&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffreefirebrr.online%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658625584652&bpp=3&bdt=221&idt=234&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7276602254550&frm=20&pv=2&ga_vid=1219168882.1658625585&ga_sid=1658625585&ga_hid=2063005357&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768337%2C42531605&oid=2&pvsid=3879346333446959&tmod=811086351&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=248
Frame ID: 4E22D2FA7F07665C416AC23BD906A37B
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Ffreefirebrr.online%2F&id=MTIZ
Frame ID: 3E6F626135C1CDB0D396D06281EBBD5E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: 53100A8253EE77F0DB0427A550FE2525
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Frame ID: 9BD3996A5458EE627A53B3AE142C341D
Requests: 6 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: 75312F3EADB7B4CEB5ACC3DB82EBE085
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=9027&pub_id=1885960
Frame ID: F0BB88C478BB841BACDFE903CE6AFC3B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16949156056848288779/728x90.html
Frame ID: 687A11439A65B460A02D73A1435C58E9
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 401398984BE2D48DA32DA16D17A4600A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: 2EB050DD1CD4DCC3DB9B45E5D5996BED
Requests: 12 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3605&pub_id=2166378
Frame ID: 848C4479F28A44891BD98476873527E7
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CD1356BCD9108BAA6F5478085C485B83
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js
Frame ID: EEC808EB483BEDEF19D68CF74DC40905
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D333A02A60415F57205CBBA3D42687A5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D0DFBF5A673E225A0518B8338736C396
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 115BB807108863DD4CB0B0F05AD99ECF
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1658625585272
Frame ID: 0A7E95C185B7D02DF635BF07F03CCA64
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 042447B5F8E16B64336B9E521A26138B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C021D945033DF9ADD3C6D280A78E0895
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3856DA13F89CDABB58340C9F19CC4B18
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: A455C7C802EB0B0532C603CC87BC9C21
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/e2764d2fb838dc7fbb041d978d927e8
Frame ID: 56DD157F84B08236141FD7B81F101DAA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/tvxKkEpvfTmBrlJmdO1S?pi=smilewanted&tc=1
Frame ID: 54F38C1E151B969BD60C6EECFB468B22
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=f5bed38c8d8c8a705adb55381c32580e
Frame ID: 6C2D87F2A7D9F0DD2771CD13CB4C3ADB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 3356ADB6D3D665F218C76EF82A36A8B8
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/
Frame ID: 063185129EDB9F535CC9933AFCC839B5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/cf199b4a-6287-4677-9cf8-cbad7c04bbd8&partner_id=1010
Frame ID: 4646E2C81578F7B63FEB7BECAB2F78F9
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: B80F3B6968D83F3C198FB61F7A899316
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 8040FC331A0CB054FA61CE6C9ED41494
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 1D7E6CDA87B6E08948361767A9CA6704
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtyeNa9cwliSOL0y7s8kFQAA%265157
Frame ID: 69C3711A916A4F7E05F5CE13729C0994
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/b6735211-0aee-11ed-b3ea-156973b60206
Frame ID: 9F3289C3B7B2EC7E64CBECE717B1B0AF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Notícias Free Fire Brasil atualizadas !!!

Page URL History Show full URLs

http://freefirebrr.online/ HTTP 301
https://freefirebrr.online/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

225
Requests

91 %
HTTPS

35 %
IPv6

51
Domains

78
Subdomains

60
IPs

8
Countries

2186 kB
Transfer

5443 kB
Size

54
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://mysterythemes.com/
Title: Mystery Themes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://freefirebrr.online/ HTTP 301
https://freefirebrr.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffreefirebrr.online%2F&domain=freefirebrr.online&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Cb9JNHwzdi9FNnUvdTVYYTVEb1pCZG1EZVJXakN0cFdkR2I5K3FjL2tVYkhxUkFpMEhHSjlaTnVHK05RcnZ6Q2FUSzZFa1AwSEZuVHZqdVEvaEkzZ1NjdnJaa2RyRWdZM0J2MmcyQ1Z1bW1sdjRUTXg0VjhmemZZcXczcW9CWkMrU0Ztb3ZtZG5QRERXN1FETXA4NjY0VGhFUGNTektabTk5OW85cjdMVEJLZGhZQ2VKMkpQdHBMRkVnQ2lrQWlZZDNtY0U1VmY2ODMzQ0tXb0xyaU53UU5VTkdBMjhNNkVhaDlrWkd4T3c4V1FBbUtrPXw&cppv=2

Request Chain 76

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6c9b3b6&zdid=1258 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D1d33528d-f855-413c-4a65-653aee91ed25%26reqId%3Df568d090-ac3c-4fd2-4b8d-587df6c9b3b6%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?adnxs_uid=8116403588374953936&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6c9b3b6&zdid=1258

Request Chain 77

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6c9b3b6&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEJ-RKfdbS49Eyg4IcKqoyl8&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6c9b3b6&zdid=1258

Request Chain 79

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=1d33528d-f855-413c-4a65-653aee91ed25&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D1d33528d-f855-413c-4a65-653aee91ed25%26reqId%3Df568d090-ac3c-4fd2-4b8d-587df6c9b3b6%26zdid%3D1258 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=1d33528d-f855-413c-4a65-653aee91ed25&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D1d33528d-f855-413c-4a65-653aee91ed25%26reqId%3Df568d090-ac3c-4fd2-4b8d-587df6c9b3b6%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=77240531179308488102004556006429375656&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6c9b3b6&zdid=1258

Request Chain 80

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=NLD&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6c9b3b6&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=NLD&zdid=1258&cid=MJVNGQ3ZcbEIHb1HObtaNWroZkhAnYaq%2BS41iYitP1U%3D

Request Chain 81

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D1d33528d-f855-413c-4a65-653aee91ed25%26reqId%3Df568d090-ac3c-4fd2-4b8d-587df6c9b3b6%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6c9b3b6&zdid=1258

Request Chain 121

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D1ed88359-15b1-46ac-a57c-e9695877b26b&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=1ed88359-15b1-46ac-a57c-e9695877b26b&gdpr=0&cklb=1

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=1ed88359-15b1-46ac-a57c-e9695877b26b HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=1ed88359-15b1-46ac-a57c-e9695877b26b&google_gid=CAESENtPuKn6prtBwIynPtP6eIo&google_cver=1

Request Chain 124

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3D%26url%3Dhttps%253A%252F%252Ffreefirebrr.online%252F%26hn_ver%3D40%26fid%3D1ed88359-15b1-46ac-a57c-e9695877b26b HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=8116403588374953936&pid=12763&ref=&url=https%3A%2F%2Ffreefirebrr.online%2F&hn_ver=40&fid=1ed88359-15b1-46ac-a57c-e9695877b26b

Request Chain 159

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 180

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 206

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/e2764d2fb838dc7fbb041d978d927e8

Request Chain 207

https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/tvxKkEpvfTmBrlJmdO1S?pi=smilewanted&tc=1

Request Chain 208

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=f5bed38c8d8c8a705adb55381c32580e

Request Chain 209

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OSq9zBEiSaaVyeFdZV8WNw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=OSq9zBEiSaaVyeFdZV8WNw

Request Chain 210

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Q5XfbWOaS0iwLEu0DDz70Q&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Q5XfbWOaS0iwLEu0DDz70Q

Request Chain 211

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5YMUKSX-4-FQXG&sigv=1&esig=2~5d1e3cda90656396e62618c8664f71bc57563a3d

Request Chain 212

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEqzsU8CKw3n9ib_CLmp0D0&google_cver=1

Request Chain 213

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVZTVVLU1gtNC1GUVhH

Request Chain 214

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzMyOTdhZjY0MDRiYjdjZDE2ZWMzMTliMWI4OWY4NmViOGI3YzA5OA

Request Chain 215

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5YMUKSX-4-FQXG

Request Chain 216

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/nLSK11Iu-NExjBA_6Rvvfg?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=518629457358729381

Request Chain 218

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/smart/

Request Chain 219

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/improve/cf199b4a-6287-4677-9cf8-cbad7c04bbd8&partner_id=1010

Request Chain 223

https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtyeNa9cwliSOL0y7s8kFQAA%265157

Request Chain 224

https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=b6735260-0aee-11ed-b3ea-156973b60206 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/spotx/b6735211-0aee-11ed-b3ea-156973b60206

225 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
freefirebrr.online/
Redirect Chain

http://freefirebrr.online/
https://freefirebrr.online/

65 KB
13 KB

373ms
317ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b8a15c8dbcc2b6f28bdb7ee4f2ea188329db594f56ba89bab81894a2878418c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 72f8d44cc947b873-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 01:19:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <http://freefirebrr.online/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDfQSBeDa4OFyhjeDWtOck5pjPkUTMuOzvn1sqrxwMPYEjawTL8bcXmzf6VrxxVLY7X1WjkWZWtNrIvHINIF0kunS8eUoogRZYMCtNdnBsK4C2YHbdNdagtXP%2By1EyRBdsTfRhfTmmtRh6wlChev%2FgE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 72f8d44c2e6c012e-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 24 Jul 2022 01:19:44 GMT
Expires: Sun, 24 Jul 2022 02:19:44 GMT
Location: https://freefirebrr.online/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YyT5X7PoF%2BpMbuvZe%2FAVN%2BEoggjwq7RGuE9o45xieYCSvQVnozv%2FWRUWeenla0PyZDTGlYhOzCcd0ojIMrk5wTsg3H4sHG5tWpmeEXsOv7pM6ehw7tBiZzXxawtVWm%2ByhI7bfnH18Bz2wLZ9hpfLbUI%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
56 KB 149ms
57ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3017618482282886

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c5b46d906c5852a2dca2c903e2f23ef5182a348c63539ee0cdd12a58b7cfa20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freefirebrr.online/
Origin: https://freefirebrr.online
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56675
x-xss-protection: 0
server: cafe
etag: 17351287926039176153
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 24 Jul 2022 01:19:44 GMT

GET
H2 200 style.min.css
freefirebrr.online/wp-includes/css/dist/block-library/ 87 KB
12 KB 82ms
66ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Jul 2022 14:43:25 GMT
server: cloudflare
etag: W/"62d5718d-15b64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQK3xQVs%2FtBxwrEiBSXCKUCw0ymLcnJU%2FLKT51I%2F7%2FEdfrKEhhQ5i5ASbpxMufdTcieaVHC%2FrPMa%2B%2F7JrcHzgong9SJv4fQ5HSf%2BGaWWJz3fCHASYXWpRnqLGdlBor46ylsRuK1jmxLB%2BruvM0yr7wk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44efa69b873-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H2 200 build.css
freefirebrr.online/wp-content/plugins/wp-blog-post-layouts/includes/assets/css/ 10 KB
2 KB 74ms
59ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/plugins/wp-blog-post-layouts/includes/assets/css/build.css?ver=1.1.1

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb074470335c51ce340226d0cd210450874e73fe2ab2ea1577f97cda61018742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:43:08 GMT
server: cloudflare
etag: W/"62b9c1fc-28b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akhmEUveEEUuSMQcm%2FylDT1XZGMGoYQ946a%2Fc6hzsyVWGFqhoTgKYl%2Ff8z9BrgRrDJNycMnSEkXx1pYbeb%2BJSJ%2BjvmgTzXwWk0b68zyKMRqCwLp%2FdzzopN7Z9uIktM%2FPYbNdoswZBQfZXFFSk2FT66Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44efa6cb873-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 60 KB
3 KB 129ms
42ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C100%2C300%2C400%2C500%2C700%2C900%7CYanone+Kaffeesatz%3A200%2C300%2C400%2C500%2C600%2C700%7COpen+Sans%3A300%2C400%2C600%2C700%2C800%7CRoboto+Slab%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPoppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a1e3f7ccd4e21ad5a3d91c433f6f185a1f6d4ac72080611a1acb1f15ed904a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 01:04:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Jul 2022 01:19:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jul 2022 01:19:44 GMT

GET
H2 200 all.min.css
freefirebrr.online/wp-content/plugins/wp-blog-post-layouts/includes/assets/fontawesome/css/ 56 KB
13 KB 77ms
63ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/plugins/wp-blog-post-layouts/includes/assets/fontawesome/css/all.min.css?ver=5.12.1

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:43:08 GMT
server: cloudflare
etag: W/"62b9c1fc-dff5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6KjiGN9xxlkQvChCW03LARTHh%2B3uNwBDYdbOPOd2ReT%2B8Gy7czIWO1J173ScTs2Uob1TjfjOuEeLAOmG2DgljN94dh5eID%2FIU5jLiMT2C9fZG28C7AS2fdbb0FYbSiErhVCkV%2B9yDcnw7Cnc6LFWXE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44efa6db873-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H2 200 build.css
freefirebrr.online/wp-content/plugins/wp-magazine-modules-lite/includes/assets/css/ 42 KB
6 KB 75ms
63ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/plugins/wp-magazine-modules-lite/includes/assets/css/build.css?ver=1.0.8

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

817dcbe2aa92a904d48ef231f3391ae34c65427c74cfd4678fafcfb63608ee54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:43:14 GMT
server: cloudflare
etag: W/"62b9c202-a880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqQ2s0sboG9c%2F7G%2BHGvXkLA%2Be9H22IIRciqW%2FBOHTHhz1%2ByFKTqXqoXWHUGUJjm4s08DatkONhyycXxgTnAJfDscCXQyE6C6x3GPHmlyR1mIB37oiI%2FU36Dx%2BQ7%2FQZhb9wwl2i%2FihN6H4DOi2ZzPXZw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44efa6eb873-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H2 200 slick.css
freefirebrr.online/wp-content/plugins/wp-magazine-modules-lite/includes/assets/library/slick-slider/css/ 2 KB
873 B 69ms
57ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/plugins/wp-magazine-modules-lite/includes/assets/library/slick-slider/css/slick.css?ver=1.8.0

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:43:14 GMT
server: cloudflare
etag: W/"62b9c202-767"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNoRf7TtA9t5MN9e5CZ3%2BLiIfZv9nTUA%2F0JzfmYXq55WNa70yigf%2FCK9x7jaudPkOQUUWiVEXyTO4rcW7B%2B8YGRppY%2F4ZUl4Rhdag8k9OvmXtWiB6C%2BemFw8e4lSGLBNtE2B8zmOErWfnq7b5bhDEEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44efa6fb873-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H2 200 slick-theme.css
freefirebrr.online/wp-content/plugins/wp-magazine-modules-lite/includes/assets/library/slick-slider/css/ 3 KB
1 KB 68ms
58ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/plugins/wp-magazine-modules-lite/includes/assets/library/slick-slider/css/slick-theme.css?ver=1.8.0

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdd9cbba3bf008781e612f203bbe8674b395685abc0691fcc03a571aeb140d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:43:14 GMT
server: cloudflare
etag: W/"62b9c202-d13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dGByT%2FUS00jbUC5kwp1l%2FdX%2BMlbvaRSJLuOFXWnT%2FDINgJwCis4obOAkdWyj8GKXNyQiWMzLISI%2Bl9Q%2BoEduCbQSy1wzJ05fos4YL3wlO0JSW4pOPSp79OwIISK2jMxxdFfE%2FrW4pLyo2J0dNTNnUo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44efa70b873-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 26 KB
1 KB 125ms
43ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300italic%2C400italic%2C700italic%2C400%2C300%2C700%7CRoboto%3A300%2C400%2C400i%2C500%2C700%7CTitillium+Web%3A400%2C600%2C700%2C300&subset=latin%2Clatin-ext

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7854b91ba90be95df0d270b1d84aaf2fb2bd73bdfb27df6d65c7ae1fc57e5a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 00:43:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Jul 2022 01:19:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jul 2022 01:19:44 GMT

GET
H2 200 font-awesome.min.css
freefirebrr.online/wp-content/themes/news-portal/assets/library/font-awesome/css/ 30 KB
7 KB 68ms
59ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/themes/news-portal/assets/library/font-awesome/css/font-awesome.min.css?ver=4.7.0

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:42:06 GMT
server: cloudflare
etag: W/"62b9c1be-791c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dy5ewPEQiOY%2B9hY%2B0Xr3EJJOCGehuCv7yJGYM5LhxO86NU520yf7CwASy4Mpn614vsrFqjRRbd3k2QnflGgjTWre8OLRsjg6RCnk4uJp8kMQj22xXVKddn6q8jtjrCfm0Nq38Zo1ql08fAHsL19jfMg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44efa71b873-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H2 200 lightslider.min.css
freefirebrr.online/wp-content/themes/news-portal/assets/library/lightslider/css/ 5 KB
2 KB 65ms
57ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/themes/news-portal/assets/library/lightslider/css/lightslider.min.css?ver=1.1.6

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cf0d589127ea8b98dac129f74506b8a199d7b613cab0cf586ae95ee69428a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:42:06 GMT
server: cloudflare
etag: W/"62b9c1be-15a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jywy0fV4QtPk07iTxR7wPzD5EBjinHcPbxH4hjMhkE9y4zL3VJcU3f37iSMLMsnrLU4GwvUDHZwlhUNUE7smzV%2BJC6l2Q1LvJlS1YNPTJkfLYMrf2J9DGAKYheOnFfIuxrFl0OCnHvBu3koKsBSCEK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44efa72b873-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H2 200 style.css
freefirebrr.online/wp-content/themes/news-portal/ 61 KB
12 KB 70ms
62ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/themes/news-portal/style.css?ver=1.3.1

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6157091b5d9a3b227b6f7fdc7f3efd9d5e3837ea3847669cbf4140d12c1a715b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:42:06 GMT
server: cloudflare
etag: W/"62b9c1be-f290"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGRTn0ADtZLC6L2XemQoAT9Mll5le1jlLv5Yko22BT5FIGCkifzye6o1A5rlv0fmoT5qfL9oJ6xrN5v22fhcOi7RWjkrycFTyoeM8zfbTHYkA2QivdM%2BhuQzNv%2FTPYwmhgHIOYqnYhBEowR1ulnLlZk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44efa73b873-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H2 200 np-responsive.css
freefirebrr.online/wp-content/themes/news-portal/assets/css/ 9 KB
2 KB 66ms
60ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/themes/news-portal/assets/css/np-responsive.css?ver=1.3.1

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf6aaa53ea17568c5f17a3b7bfe041de14b65821fff0c5e0a3f01372f9ebe4ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:42:06 GMT
server: cloudflare
etag: W/"62b9c1be-2462"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15oyjHrB1ZrHxaJru3x4ls0s111Iyf6fY7S9hDrtfdfWXClOUsusaVkv2CHPUwM%2F7ZVZUcOrGsi2xXyz0UaviSymwTGBWWAadE8rh1Tmd2E0AhoomquWuKMB841GSxkKm4%2B7PMXDFuGE8NxoaUcjLOI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44efa74b873-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H2 200 jquery.min.js Show response
freefirebrr.online/wp-includes/js/jquery/ 87 KB
32 KB 105ms
99ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:11:52 GMT
server: cloudflare
etag: W/"62b9baa8-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HlqrJ1uB6bUdnq50oYhlCaSPI3mC%2BqmWLD%2FaflAMR8mt6%2BrhPuYVF90TbtIVPn9UBtruJ5fStzOZeWC22yPNT7T3LG4npWUs723Jtaq41zVRu79KHQLQ7o6%2BgYwOxKlZHzjw889WPNGxF6FSFEWczE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44f1a8cb873-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H2 200 jquery-migrate.min.js Show response
freefirebrr.online/wp-includes/js/jquery/ 11 KB
5 KB 87ms
82ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:11:51 GMT
server: cloudflare
etag: W/"62b9baa7-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBvKWCtlEWa51MvwSBiAyOk%2B8yIff76iT0s0cKmSIkAtEDyJHV8G3dwc2yWIE0gxHX9NJSLRTXQyJZuGCPDN%2BFnB3TCd7474In18ACuwuR2ZQNfYu6F9t%2Bc%2BO3qc6Aq2LuRR2BC7d%2BOp%2BEKmG%2BISOqE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44f1a8eb873-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 5 KB
2 KB 149ms
31ms Script
text/html 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=31
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-77-nzt: AcO1rgXqIpP/JCsBAA
x-accel-expires: @1658635404
date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: F3q6Uslt75U
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=86400
x-cache: HIT
x-age: 76580
x-77-pop: frankfurtDE

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 152 KB
15 KB 273ms
156ms Script
text/html 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96482&formatId=31
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5823ad379ac31bec94820bf2337edad22ed3b2432cc09b2d3a7864dbe0334f38

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-77-nzt: AcO1rgVrRKzLcZYBAA
x-accel-expires: @1658711984
date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: 5j7mmzs6cG4
x-77-cache: MISS
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: EXPIRED
x-age: 104049
x-77-pop: frankfurtDE

GET
H2 200 mito-ff-loud.jpeg
s2.glbimg.com/FYS011FOTNTmVyoFEHBNxtokJ8A=/0x0:3277x4096/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_bc8228b6673f488aa253bbcb03c80ec5/internal_photos/bs/2022/e/2/lmkZh1TLeRnrJg2TS6MA/ 132 KB
132 KB 1297ms
246ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/FYS011FOTNTmVyoFEHBNxtokJ8A=/0x0:3277x4096/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_bc8228b6673f488aa253bbcb03c80ec5/internal_photos/bs/2022/e/2/lmkZh1TLeRnrJg2TS6MA/mito-ff-loud.jpeg
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: f7e89e4afc331fc93c66cd84374ac594e0dba7a871eb21494ff1dde9ba1293fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
via: 2.0 CachOS
x-bip: 462822297 asra01mp11lx04ca12.globoi.com
age: 15205
etag: "5a5ed0fb21d4d4d0c0836087509263b2cb255eca"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB0D076
access-control-allow-headers: Content-Type
content-length: 134826
x-request-id: 96e5f0b4-1b49-4b8d-8bf0-645c9b2c1564
expires: Mon, 22 Aug 2022 20:32:50 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 5 KB
2 KB 35ms
31ms Script
text/html 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-77-nzt: AcO1rgWNLUv/JCsBAA
x-accel-expires: @1658635404
date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: LvfB6w0eokA
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 76580
x-77-pop: frankfurtDE

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 152 KB
16 KB 142ms
137ms Script
text/html 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96482&formatId=28
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 51aa3bd58a097a9428304f72705e1c77721b19ca3d69eec0e75a59203bcd421d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-77-nzt: AcO1rgU/GzLLeUMCAA
x-accel-expires: @1658711984
date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: IN17GoC8sPI
x-77-cache: MISS
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: EXPIRED
x-age: 148345
x-77-pop: frankfurtDE

GET
H3 200 imagesloaded.min.js Show response
freefirebrr.online/wp-includes/js/ 5 KB
2 KB 94ms
91ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-includes/js/imagesloaded.min.js?ver=4.1.4

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:11:51 GMT
server: cloudflare
etag: W/"62b9baa7-15fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1Qw5bweBesnyd0clinPvRtMZ8Z3EkcNEYmVZfbaC08QE%2FMrirM4K9UWBu%2FQafMkhGD6bxGDdzaTZDbRgAy8i%2BCvVbBH1RMAgQX2jlZDOmBe3%2FsOqfrgVKEK%2FxcUC21qCAIQKPNr0yAoH4ySvICQXlk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44fcb3ab70a-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H3 200 masonry.min.js Show response
freefirebrr.online/wp-includes/js/ 24 KB
8 KB 94ms
91ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-includes/js/masonry.min.js?ver=4.2.2

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:11:52 GMT
server: cloudflare
etag: W/"62b9baa8-5e4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYe5RR64y5Emh%2F5KAeJ6yXMpJ95hqgqlp49oAttx8sTeSauKOyPLvWmCtnG4xHTCWuwBFloGs55aNFEsd%2B4vTAXuNEdRaykC9Hvu%2BoKpSNyC7uvQK9Ov1VngU6Em1xDx53I%2Bx3NSw2Y1NA21xT4tPbE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44fcb3bb70a-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H3 200 frontend.js Show response
freefirebrr.online/wp-content/plugins/wp-blog-post-layouts/includes/assets/js/ 786 B
910 B 67ms
64ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/plugins/wp-blog-post-layouts/includes/assets/js/frontend.js?ver=1.1.1

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb861e3c0220c94296bbdeb8deb876054e90e7d60dd27b7b8eb04be54d94b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:43:08 GMT
server: cloudflare
etag: W/"62b9c1fc-312"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zior8o%2BMFUfxmi5S5AxaZ%2F0aXH9mkZrawAwUaDE%2Bvo3LenXmUkab0B%2BSprXnmOLsSdEilcOokLlQPoQTYAA4vtaW25OM0h0VH8jWhS4q7z5ToT7G000XJkmUDhJK5Kv3FQXGdqVz2A%2Fp4xnBI6fU%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44fcb3cb70a-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H3 200 frontend.js Show response
freefirebrr.online/wp-content/plugins/wp-magazine-modules-lite/includes/assets/js/ 7 KB
2 KB 67ms
64ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/plugins/wp-magazine-modules-lite/includes/assets/js/frontend.js?ver=1.0.8

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04a8bde8aeb87047442e029f58cfefa6d7361144fa414fde3b4a92a0b092abb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:43:14 GMT
server: cloudflare
etag: W/"62b9c202-1c9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAGw5G%2Bhyq%2BiDgsnvaplfZCqLFJ9P31G%2BJxSMSC4ZOJF6vhtD7spbu9jEEmvpAML2KxVMSvm34%2FxrPTUy7El%2BjB2O0QdzfEcQN1MLpAeve2P2kTfRDghosaQiaQrDU25Iny32kI1VzqE8GkR26MOpTk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44fcb3db70a-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H3 200 slick.min.js Show response
freefirebrr.online/wp-content/plugins/wp-magazine-modules-lite/includes/assets/library/slick-slider/js/ 42 KB
11 KB 89ms
86ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/plugins/wp-magazine-modules-lite/includes/assets/library/slick-slider/js/slick.min.js?ver=1.8.0

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:43:14 GMT
server: cloudflare
etag: W/"62b9c202-a770"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGGIROrp6d%2FsVqaK6Fux1b3r17jcRQ3oCKULiPyuByUAxfOSqmalLMap7%2FI4%2BbyWXR3gaxi5ttzxxZYKn6NZkvw8xyaK8TNKJJih%2BLWko5siohShRqU7Z9fkdmln%2Br1G580yDHg26SazV9Fnv25fiIM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44fcb3eb70a-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H3 200 jquery.marquee.min.js Show response
freefirebrr.online/wp-content/plugins/wp-magazine-modules-lite/includes/assets/library/jQuery.Marquee/ 9 KB
3 KB 90ms
86ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/plugins/wp-magazine-modules-lite/includes/assets/library/jQuery.Marquee/jquery.marquee.min.js?ver=1.0.0

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7ec795d6ca0df8d0083c41b1a57aed9a3500897442639a0c24999a749eed08a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:43:14 GMT
server: cloudflare
etag: W/"62b9c202-2383"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKFaI9wfef75NuMSe41GVnUDnh2J%2FOxUv7y5kaAVK6C8eU8QY5j4rO1iEGNbP6u5iwzpd4L7LkVPvBWZvzkiytia3n60lTXkRxtlJvjwR6Akhj%2FWWED2fhKMSSaWvzA%2FcMxZtncC9USlovC65RzNx2A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44fcb3fb70a-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H3 200 navigation.js Show response
freefirebrr.online/wp-content/themes/news-portal/assets/js/ 3 KB
2 KB 90ms
87ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/themes/news-portal/assets/js/navigation.js?ver=1.3.1

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8f76f98505a3d8a161055f180c9f0302ffe29f66037aff8f1c3f600d17b5bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:42:06 GMT
server: cloudflare
etag: W/"62b9c1be-c0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMfmD4J1rE97rpY94SWy4eJcXnA2YH2B4rXB%2Fz6qYRxOCQKo6%2FaRdwdA5UCzmKiyu7eGKqFd1A4xp4MCES7i%2BvGRYd%2F%2BOx2CrNxkblNEIZRq3VzAS3fwfd5N1INlodEcuw4LDUB%2BAysXEsXFv2U%2BTuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44fcb40b70a-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H3 200 jquery.sticky.js Show response
freefirebrr.online/wp-content/themes/news-portal/assets/library/sticky/ 7 KB
3 KB 63ms
60ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/themes/news-portal/assets/library/sticky/jquery.sticky.js?ver=20150416

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43a24608e742c8adc12bc142cdbe6c8838100b1b507e954ab9965c8059896cf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:42:06 GMT
server: cloudflare
etag: W/"62b9c1be-1cdd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t48CyYfhPshGDQbh%2FvHA8744quL41dHByhRihR%2B5Ea6%2FFvGyxC323Dctnjok%2BH1MO5lG4zGHRBFXTaQazzffrUWB1Y65NsttgYYmzDtaIGSBLY6jVFPn63rz%2FPsmPUJ1mevclJrjA1ffPFIp6E1kwuY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44fcb41b70a-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H3 200 skip-link-focus-fix.js Show response
freefirebrr.online/wp-content/themes/news-portal/assets/js/ 714 B
986 B 62ms
59ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/themes/news-portal/assets/js/skip-link-focus-fix.js?ver=1.3.1

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee30de0a826081966aa58bd563d92e80a28a2af7415ad440889ddc1c0a3b5ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:42:06 GMT
server: cloudflare
etag: W/"62b9c1be-2ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MKNIcIkv0tB1ntHyLla6DMcr0u7MmHRHJKxBpX2eUKIg%2BjDb0GgzqcAwE0xH0E6MzJAf2o2CTai2%2FH983HBNSMrs5Met5se8ydNFa9K5HRoMKmGHdpVO5CleD5sjze82GiyWIH0mQM8J2PNu2%2BtyNE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44fcb43b70a-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H3 200 lightslider.min.js Show response
freefirebrr.online/wp-content/themes/news-portal/assets/library/lightslider/js/ 16 KB
6 KB 68ms
65ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/themes/news-portal/assets/library/lightslider/js/lightslider.min.js?ver=1.1.6

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f86fbe6f9cda69add588670bf8a9781f83e7ed2fe7b1b07c4172fa6eb080bc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:42:06 GMT
server: cloudflare
etag: W/"62b9c1be-3e9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceGsah2NhujxuYKGehSGcwcfj%2FsfD1fJAb3yxjfEBu%2BGRmIvDrN1DhkCwlQfV2E%2FzfFF3ksEOLvkou6WV6P1Q%2B9xce2AuHXEKFqHFZcWsnvZupacDGFn%2FaFypKFSpnV9zy8DV8znbEzfEcT47bO3a6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44fcb45b70a-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H3 200 core.min.js Show response
freefirebrr.online/wp-includes/js/jquery/ui/ 20 KB
7 KB 115ms
112ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:11:51 GMT
server: cloudflare
etag: W/"62b9baa7-50eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFOQ1XKser5edemZzW0svKDwZBz0DGIgZAx4Y1sUXCAw%2BYEppvBBrGQzg6hVIsfLuX2Znb0uSZW0qEb6AUeU4sLHLNsv1kSRnSPxIWQWr7atMsXctPpAZ4ao4Y474GPJZsROWkZvj37gEAQQ0qIJ%2BQA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44fcb46b70a-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H3 200 tabs.min.js Show response
freefirebrr.online/wp-includes/js/jquery/ui/ 12 KB
5 KB 115ms
112ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34934dc0d2652647955344d4d53218860096f14217c81c1eb5b02e54526835b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:11:52 GMT
server: cloudflare
etag: W/"62b9baa8-2ea1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6w5WiGA2uO3cxx8PbwvGPLyAl%2FW1nrVq5KW4oHxVoIi9BvyVJhV4Bj1GlAvsNpFadxYixl7wfKlPFlbGYlp46Lmr8vHOfa2Osg520fwRAiZymUfif1ML0ZPk8wWsRXzot0FkZfFCpMxrI%2Bb%2FFEHbMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44fcb49b70a-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H3 200 theia-sticky-sidebar.min.js Show response
freefirebrr.online/wp-content/themes/news-portal/assets/library/sticky/ 5 KB
2 KB 118ms
115ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/themes/news-portal/assets/library/sticky/theia-sticky-sidebar.min.js?ver=1.7.0

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb242b5f299cd08ee579ad1b46e13cb235bb595dd10b03fab7dfadfc61103be6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:42:06 GMT
server: cloudflare
etag: W/"62b9c1be-1537"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aezbaILHFemrBudghRgAuR%2F1TS9WAXVc1pFTqdwgt%2B7kTmSwXdQuyszp8RjGdaBhQb6AA5DXSebWsYZrhYuhGUkf8wvH%2Fu9hdBvTjbni5gPs1beWpz6v0bMyJxzf5ZCOHdgkDMlWREz4BHuZ6vvSKj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44fcb4ab70a-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H3 200 np-custom-scripts.js Show response
freefirebrr.online/wp-content/themes/news-portal/assets/js/ 7 KB
2 KB 118ms
116ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/themes/news-portal/assets/js/np-custom-scripts.js?ver=1.3.1

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

633c4d068a2439e7892410fade3e249dc130ff7b7147830640e350044fd5e3b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:42:06 GMT
server: cloudflare
etag: W/"62b9c1be-1c4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHW89PnYB%2BUrPICcWG%2Fa9Hl7i1L0vxFerA4JQiwj0HP9BDxACbym5w0CRBkWe5n%2FJalqEoenPDdaVNUNt2W45eFrNXNkdGC1erYn3fN%2FgJmaymvWdRhWLEG5yFmYXl%2B43EJiQ0yxZ1IatyEDtso2AUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44fcb4eb70a-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H3 200 image.js Show response
freefirebrr.online/wp-content/plugins/featured-image-from-url/includes/html/js/ 4 KB
2 KB 118ms
116ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.0.3

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0891804a56327bacae315d5e5281bee36c729cabfe22697a28083eeb39eb8608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Jul 2022 15:20:24 GMT
server: cloudflare
etag: W/"62d96eb8-ef2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2Ffca5ncxFCaO%2F0nTYrmoxnleTLaC6LwnIGIJx1xNqKHVGpbqsrRiti4S%2BH9Ns5i2dwf6paaHD6F%2BXtPEe8WBDo8Uxy%2F664N31v7oYZBqEiqivBjEo%2B3IHrLe8x%2BVHhaHk5AcAaPgPX4z%2FEdrb3hAF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 72f8d44fcb50b70a-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET wp-emoji-release.min.js
freefirebrr.online/wp-includes/js/ 0
0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 118ms
45ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C100%2C300%2C400%2C500%2C700%2C900%7CYanone+Kaffeesatz%3A200%2C300%2C400%2C500%2C600%2C700%7COpen+Sans%3A300%2C400%2C600%2C700%2C800%7CRoboto+Slab%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPoppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freefirebrr.online
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 454309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 19:07:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 108ms
35ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freefirebrr.online
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 462892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 16:44:52 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 38 KB
16 KB 46ms
46ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=31
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-77-nzt: AcO1rgXybYr/pXwCAA
pragma: public
date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
etag: W/"604b9fc7-981e"
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: CDN77-Turbo
x-77-nzt-ray: WUnNWWW/CDw
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 162981
x-77-pop: frankfurtDE
x-accel-expires: @1659499403

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/ 338 KB
119 KB 134ms
63ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3017618482282886&plah=freefirebrr.online

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3017618482282886

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0853ff5bcf167a9ed8a3067f501bb85a3eefb651b21ee9fa6e1f27004263aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121831
x-xss-protection: 0
server: cafe
etag: 6912712522833117157
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 24 Jul 2022 01:19:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/ Frame 72B4 10 KB
5 KB 108ms
32ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3017618482282886

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freefirebrr.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 34632
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 15:42:32 GMT
etag: 8616628553774171045
expires: Sat, 06 Aug 2022 15:42:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
282 B 193ms
43ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=96482&f=31&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96482&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 01:19:44 GMT
Server: nginx
X-IPLB-Request-ID: 1FCC9672:8534_36264064:01BB_62DC9E30_1A82AF78:2F1DF
X-IPLB-Instance: 24858
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
geo: rbx

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 93 KB
31 KB 159ms
38ms Script
application/javascript 2.16.91.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96482&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.91.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-91-19.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5b946c77e4b95c4567745f802028bf2792b1e9cd070a773864036bbdbe6bf178

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 01:19:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 31943
Expires: Sun, 24 Jul 2022 01:34:44 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
373 B 128ms
39ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96482&formatId=31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1598
strict-transport-security: max-age=31536000; preload;
content-length: 165
expires: 60

GET
H2 200 mapper.js Show response
spl.zeotap.com/ 61 KB
20 KB 124ms
46ms Script
application/javascript 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96482&formatId=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 72f8d4513e57bbb3-FRA
date: Sun, 24 Jul 2022 01:19:44 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://freefirebrr.online
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 5 KB
6 KB 186ms
42ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96482&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 01:19:54 GMT
Last-Modified: Thu, 14 Oct 2021 07:27:53 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: 1FCC9672:D146_91EFC0A6:01BB_62DC9E30_4D794D25:232F9
ETag: "6167dbf9-15ab"
X-IPLB-Instance: 30196
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5547

GET
H2 204 /
onetag-sys.com/usync/ Frame F5B8 0
0 111ms
35ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1658625584734

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96482&formatId=31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://freefirebrr.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 150ms
42ms Script
application/javascript 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96482&formatId=31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dafa3ce4de4cc56876b0fc6c36628fbcade9f4b07d7f27e4ca67744d91b2beb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: gzip
etag: "77f5L8LR6ldZZZ+q4Q+xaw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 31 Jul 2022 01:19:44 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12763/ 2 KB
2 KB 222ms
44ms Script
application/javascript 18.200.85.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12763/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96482&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.85.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-85-0.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 28b96f7dd5b99169b94e02f2abdcf2a2b2d5120894ed9dba434624901f0190ae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 01:19:44 GMT
Cache-Control: max-age=2419200, public
Connection: keep-alive
Content-Length: 1769
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 fdd32483-319f-4510-9d88-f3049072942c Show response
boot.pbstck.com/v1/tag/ 1 KB
925 B 148ms
71ms Script
application/javascript 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://boot.pbstck.com/v1/tag/fdd32483-319f-4510-9d88-f3049072942c
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96482&formatId=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f096a5e3a6069afeab4c0a55f77eccc4944a4cd58b2f96e6c90102c71ccd9e6d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=120
cf-ray: 72f8d4513ca99b76-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 141ms
46ms Script
text/javascript 108.156.253.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96482&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.253.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-253-167.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 18:29:11 GMT
Via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 24635
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-P2
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: CXbD37tnP_ZOwsAgOwvt7fcdvQr_h-e_ds-NbT79nTXV30vQm7l5_w==

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/ 624 KB
157 KB 69ms
68ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96482&formatId=31
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6dca9188a971c213f08d68e2e7928c366cf617c119c898a806d5003514f148bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-77-nzt: AcO1rgVUlE7/pHwCAA
pragma: public
date: Sun, 24 Jul 2022 01:19:44 GMT
content-encoding: br
etag: W/"62a89ea4-9c117"
last-modified: Tue, 14 Jun 2022 14:43:48 GMT
server: CDN77-Turbo
x-77-nzt-ray: j1yp9rr562s
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 162980
x-77-pop: frankfurtDE
x-accel-expires: @1659499404

GET
H3 200 menu-shadow.png
freefirebrr.online/wp-content/themes/news-portal/assets/images/ 7 KB
7 KB 59ms
59ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freefirebrr.online/wp-content/themes/news-portal/assets/images/menu-shadow.png

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/wp-content/themes/news-portal/style.css?ver=1.3.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97f50780895cb200405df8c7bd49cf19ff8b443e2273064aeb1608b55b43e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/wp-content/themes/news-portal/style.css?ver=1.3.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6925
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:42:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "62b9c1be-1b0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PAAaqgMpuIMBHJACf65fl0vTXZchbMEnV6akQqpuSaIz%2FM5RVMmJNJCEH1GfigdoQGeAaCjIvaH1ms6FGlEWjJBkO7r8gbK7D2%2FCEQextYMZJSE%2BAnJ7Y8wAH34aIM6nLyZ%2FXfycnh30pM4MfG89H8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 72f8d450bc15b70a-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 104ms
35ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freefirebrr.online
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 476619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 12:56:05 GMT

GET
H3 200 fontawesome-webfont.woff2
freefirebrr.online/wp-content/themes/news-portal/assets/library/font-awesome/fonts/ 75 KB
76 KB 64ms
63ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freefirebrr.online/wp-content/themes/news-portal/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/wp-content/themes/news-portal/assets/library/font-awesome/css/font-awesome.min.css?ver=4.7.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freefirebrr.online/wp-content/themes/news-portal/assets/library/font-awesome/css/font-awesome.min.css?ver=4.7.0
Origin: https://freefirebrr.online
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jun 2022 14:42:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "62b9c1be-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FsXaeqNLjNlzvcMBat2WXUbx%2BOkoFwCaZxjMaE7CjKgXagwXdYYJnVpxFrd73lTccVt6bIUyOTbgYakg5KJQX1ZuBNcdUgM2q3yFQsvROz6asrSOzvbbXkJicfAUM8aD9Dm0Hdo6sRkyjBjxyjZ%2BCvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 72f8d450bc1cb70a-AMS
expires: Tue, 23 Aug 2022 01:19:44 GMT

GET
H2 200 free-fire-x-anitta-tropa-ft.luck-muzik-clipe-oficial-1-32-screenshot.png
s2.glbimg.com/cSgooy0pRjvhCNzH4XwdUC-OI44=/0x0:1920x1080/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_bc8228b6673f488aa253bbcb03c80ec5/internal_photos/bs/2022/K/x/gBGCpRTzG3aLSCwHTBRw/ 60 KB
61 KB 1619ms
768ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/cSgooy0pRjvhCNzH4XwdUC-OI44=/0x0:1920x1080/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_bc8228b6673f488aa253bbcb03c80ec5/internal_photos/bs/2022/K/x/gBGCpRTzG3aLSCwHTBRw/free-fire-x-anitta-tropa-ft.luck-muzik-clipe-oficial-1-32-screenshot.png
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: f45e0717c477fa26085f608a78b8e6e30221db64470ed0ad14f72a418c4c3890

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
via: 2.0 CachOS
x-bip: 461484961 asra01mp11lx04ca12.globoi.com
age: 0
etag: "87beefde86343084c54e56a2de4bc7cd2b24c5bb"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB0D076
access-control-allow-headers: Content-Type
content-length: 61590
x-request-id: 819f4faa-1d26-452d-ada9-dd3123521355
expires: Tue, 23 Aug 2022 01:17:39 GMT

GET
H2 200 leozin-mito-thurzin-ff-loud-noise-free-fire.png
s2.glbimg.com/yPCMShOy_FEofUn1nzYMkoECedM=/0x0:720x720/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_bc8228b6673f488aa253bbcb03c80ec5/internal_photos/bs/2022/w/C/MonlogQnKO6Unq8go5Ag/ 123 KB
123 KB 1618ms
767ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/yPCMShOy_FEofUn1nzYMkoECedM=/0x0:720x720/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_bc8228b6673f488aa253bbcb03c80ec5/internal_photos/bs/2022/w/C/MonlogQnKO6Unq8go5Ag/leozin-mito-thurzin-ff-loud-noise-free-fire.png
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: d8980c287f7b57728b971ff9843ac168875b5aca70740829f95be4021e7d3380

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
via: 2.0 CachOS
x-bip: 463636453 asra01mp11lx04ca12.globoi.com
age: 15205
etag: "c46d953ccd0928b97b12ecf9f364d0ef0bd8d9a6"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB0D076
access-control-allow-headers: Content-Type
content-length: 125828
x-request-id: 57d75bd7-a37a-4017-a130-fe7d0f4af6a4
expires: Mon, 22 Aug 2022 20:02:44 GMT

GET
H2 200 escolha.png
s2.glbimg.com/ojFpJ6f_K8FIXeqtnhguJpUqbgk=/0x0:1249x731/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_bc8228b6673f488aa253bbcb03c80ec5/internal_photos/bs/2022/K/3/XbNlemRb6lRl8BQ5ov1g/ 69 KB
70 KB 1546ms
768ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/ojFpJ6f_K8FIXeqtnhguJpUqbgk=/0x0:1249x731/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_bc8228b6673f488aa253bbcb03c80ec5/internal_photos/bs/2022/K/3/XbNlemRb6lRl8BQ5ov1g/escolha.png
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: a98f9d353eb3c3c6f19d1b7f223bd91f1b3ea946c7d65e43eb34536f81339246

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
via: 2.0 CachOS
x-bip: 463442628 asra01mp11lx04ca12.globoi.com
age: 0
etag: "803b2cf0a8a7962205696b5db945c62c2ed1208a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB0D076
access-control-allow-headers: Content-Type
content-length: 70980
x-request-id: fb7a8f04-8071-4f3f-b017-d17e60d03e9a
expires: Tue, 23 Aug 2022 01:19:45 GMT

GET
H2 200 calca1.png
s2.glbimg.com/xZIlZaCqHOAab9WXpumObWkOIgs=/0x0:746x399/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_bc8228b6673f488aa253bbcb03c80ec5/internal_photos/bs/2022/f/d/QOyAOKRoK1f0toXHJbow/ 7 KB
7 KB 1543ms
767ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/xZIlZaCqHOAab9WXpumObWkOIgs=/0x0:746x399/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_bc8228b6673f488aa253bbcb03c80ec5/internal_photos/bs/2022/f/d/QOyAOKRoK1f0toXHJbow/calca1.png
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 08173c62120e1302754444b698be7cac02ecdac1975d1e52f2b2febe1bee48ae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
via: 2.0 CachOS
x-bip: 463377388 asra01mp11lx04ca12.globoi.com
age: 0
etag: "8a89304cce573a42640b681d3b975f58bb0d2442"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB0D076
access-control-allow-headers: Content-Type
content-length: 7170
x-request-id: 48f656f7-6a5c-4d4b-9ecf-4d43da148c64
expires: Mon, 22 Aug 2022 23:31:20 GMT

GET tubarao.png
s2.glbimg.com/ajOh0BpBKUQ1dt2Cyeb0ZHqn-SE=/0x0:1365x768/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_bc8228b6673f488aa253bbcb03c80ec5/internal_photos/bs/2022/d/X/fLey75T72smjgiNYmSig/ 0
0

GET
H2 200 coming-soon-kelly-show-s03-e04-teaser-whats-up-free-fire-free-fire-na-0-25-screenshot.png
s2.glbimg.com/JhQ9ouE4tpGfTd05nr6x_df3efg=/0x0:854x480/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_bc8228b6673f488aa253bbcb03c80ec5/internal_photos/bs/2022/F/0/NgsyFEQIy2G3CHTnyxvQ/ 34 KB
35 KB 757ms
756ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/JhQ9ouE4tpGfTd05nr6x_df3efg=/0x0:854x480/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_bc8228b6673f488aa253bbcb03c80ec5/internal_photos/bs/2022/F/0/NgsyFEQIy2G3CHTnyxvQ/coming-soon-kelly-show-s03-e04-teaser-whats-up-free-fire-free-fire-na-0-25-screenshot.png
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 9d9be2900172c550297edc82e19f4fb18c0d07494db5e3ce8ddf1a1589012e7d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
via: 2.0 CachOS
x-bip: 457992086 asra01mp11lx04ca12.globoi.com
age: 0
etag: "fc7d041129cebf4da4783be081f7d04874c7b333"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB0D076
access-control-allow-headers: Content-Type
content-length: 35054
x-request-id: 58726b76-ce6b-4eaa-9089-e043025f8b80
expires: Tue, 23 Aug 2022 01:19:45 GMT

GET
H2 200 lbff8.png
s2.glbimg.com/j9PpD1XKg1UNEBmSZ84cXggpgY4=/0x0:2226x1236/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_bc8228b6673f488aa253bbcb03c80ec5/internal_photos/bs/2022/l/s/rfcZOORNmktfoBBdGRVA/ 55 KB
56 KB 757ms
757ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/j9PpD1XKg1UNEBmSZ84cXggpgY4=/0x0:2226x1236/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_bc8228b6673f488aa253bbcb03c80ec5/internal_photos/bs/2022/l/s/rfcZOORNmktfoBBdGRVA/lbff8.png
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Niterói, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: d48411f06ef7e08ec3fe3cb40ad62db57ff6e67d649cf1965b12aa57e159fcab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
via: 2.0 CachOS
x-bip: 460343144 asra01mp11lx04ca12.globoi.com
age: 0
etag: "9dd6d9a7f09a3e11e1ed868199d78bc129c12fa7"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB0D076
access-control-allow-headers: Content-Type
content-length: 56788
x-request-id: 8c263e3b-3a1c-44e6-83e8-3007f5a9c3c6
expires: Mon, 22 Aug 2022 22:23:52 GMT

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
272 B 167ms
45ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=96482&f=28&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96482&formatId=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 24 Jul 2022 01:19:44 GMT
Server: nginx
X-IPLB-Request-ID: 1FCC9672:8542_36264064:01BB_62DC9E30_1A867309:12783
X-IPLB-Instance: 41595
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200 9.gif
id5-sync.com/i/12/ 43 B
1 KB 179ms
34ms Image
image/gif 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:44 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 222 B
647 B 151ms
41ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=freefirebrr.online&callback=_gfp_s_&client=ca-pub-3017618482282886

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3017618482282886&plah=freefirebrr.online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

efe106cdabad8466633e27e5ff511af28a83d422c2f4daecc92069d078029c88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 180ms
41ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=freefirebrr.online

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 127ms
40ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=freefirebrr.online

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4E22 603 B
68 B 122ms
52ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3017618482282886&output=html&adk=1812271804&adf=3025194257&lmt=1658625584&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffreefirebrr.online%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658625584652&bpp=3&bdt=221&idt=234&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7276602254550&frm=20&pv=2&ga_vid=1219168882.1658625585&ga_sid=1658625585&ga_hid=2063005357&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768337%2C42531605&oid=2&pvsid=3879346333446959&tmod=811086351&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=248

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freefirebrr.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 01:19:45 GMT
expires: Sun, 24 Jul 2022 01:19:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
spl.zeotap.com/ 2 KB
969 B 46ms
46ms XHR
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaac8d630e1ee6ac92c9be1a32575934646babbc8bad344f81e9dae972d0f149

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 72f8d451deb8bbb3-FRA
date: Sun, 24 Jul 2022 01:19:44 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: text/html
access-control-allow-origin: https://freefirebrr.online
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 94ms
32ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffreefirebrr.online%2F&domain=freefirebrr.online&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://freefirebrr.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://freefirebrr.online
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 24 Jul 2022 01:19:44 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1143
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffreefirebrr.online%2F&domain=freefirebrr.online&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=Cb9JNHwzdi9FNnUvdTVYYTVEb1pCZG1EZVJXakN0cFdkR2I5K3FjL2tVYkhxUkFpMEhHSjlaTnVHK05RcnZ6Q2FUSzZFa1AwSEZuVHZqdVEvaEkzZ1NjdnJaa2RyRWdZM0J2MmcyQ1Z1bW1sdjRUTXg0VjhmemZZcXczcW...

345 B
615 B

112ms
38ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Cb9JNHwzdi9FNnUvdTVYYTVEb1pCZG1EZVJXakN0cFdkR2I5K3FjL2tVYkhxUkFpMEhHSjlaTnVHK05RcnZ6Q2FUSzZFa1AwSEZuVHZqdVEvaEkzZ1NjdnJaa2RyRWdZM0J2MmcyQ1Z1bW1sdjRUTXg0VjhmemZZcXczcW9CWkMrU0Ztb3ZtZG5QRERXN1FETXA4NjY0VGhFUGNTektabTk5OW85cjdMVEJLZGhZQ2VKMkpQdHBMRkVnQ2lrQWlZZDNtY0U1VmY2ODMzQ0tXb0xyaU53UU5VTkdBMjhNNkVhaDlrWkd4T3c4V1FBbUtrPXw&cppv=2

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

c0a6f6976e174cf00cd9d1c8eec636cb25047d153e934ba08106d64e481b9eee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3936
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 24 Jul 2022 01:19:44 GMT
location: https://mug.criteo.com/sid?cpp=Cb9JNHwzdi9FNnUvdTVYYTVEb1pCZG1EZVJXakN0cFdkR2I5K3FjL2tVYkhxUkFpMEhHSjlaTnVHK05RcnZ6Q2FUSzZFa1AwSEZuVHZqdVEvaEkzZ1NjdnJaa2RyRWdZM0J2MmcyQ1Z1bW1sdjRUTXg0VjhmemZZcXczcW9CWkMrU0Ztb3ZtZG5QRERXN1FETXA4NjY0VGhFUGNTektabTk5OW85cjdMVEJLZGhZQ2VKMkpQdHBMRkVnQ2lrQWlZZDNtY0U1VmY2ODMzQ0tXb0xyaU53UU5VTkdBMjhNNkVhaDlrWkd4T3c4V1FBbUtrPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://freefirebrr.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1444
content-length: 482
expires: 0

POST
H/1.1 200 12.json Show response
id5-sync.com/g/v2/ 213 B
625 B 40ms
34ms XHR
application/json 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/12.json

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

9bad6f634a9a79433089a3c89db786eaac96bb12406ea9251b44c7a7dcadfb80

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://freefirebrr.online
date: Sun, 24 Jul 2022 01:19:44 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 index-monitoring-99a757f.js Show response
cdn.pbstck.com/ 186 KB
51 KB 125ms
49ms XHR
application/javascript 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/index-monitoring-99a757f.js
Requested by: Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/fdd32483-319f-4510-9d88-f3049072942c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13c3a168e07c10ca3db80605cdf6f5195507de06b7b5d3ca79f1e4b3f6e00433

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ADPycdvHsaqdYtT81xxcPKVGK-oRjyngi2qFN4_VpKmlJ4WANS6Iw4_YpttZkj2UYuCSkUy36_qG5i1LJZW5Ze8QpTZ_5RBE6Idx
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Jul 2022 13:37:30 GMT
server: cloudflare
etag: W/"138f34b7ca481c4dc482458e73244ba9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=iOZfgw==, md5=E480t8pIHE3EgkWOcyRLqQ==
x-goog-generation: 1656941850180915
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, immutable
x-goog-stored-content-length: 51569
cf-ray: 72f8d452a9998fe0-FRA
expires: Sun, 31 Jul 2022 00:44:51 GMT

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 118ms
33ms Script
application/javascript 2600:9000:223c:1c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 00:31:25 GMT
content-encoding: gzip
age: 2901
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
etag: W/"9a93052877e57b42aeefaab6e7ec5f90"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: X3W8sdk2gbLJHblQZaP9t4OiNRJzlIG3UjVm8uo3CDfTb84rLhwbrQ==

POST
H/1.1 200 102.json Show response
id5-sync.com/g/v2/ 213 B
625 B 56ms
34ms XHR
application/json 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/102.json

Requested by

Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

4a78813d190e76860b247c13b0ebb23adc9049726bf5e5396226450d2f310e43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://freefirebrr.online
date: Sun, 24 Jul 2022 01:19:44 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 109ms
33ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 13:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 13:09:29 GMT

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6c9...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D1d33528d-f855-413c-4a65-653aee91e...
https://mwzeom.zeotap.com/mw?adnxs_uid=8116403588374953936&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6c9b3b6&zdid=1258

95 B
187 B

54ms
46ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?adnxs_uid=8116403588374953936&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6c9b3b6&zdid=1258
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://freefirebrr.online
access-control-allow-credentials: true
cf-ray: 72f8d4533fcbbbb3-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 01:19:45 GMT
X-Proxy-Origin: 31.204.150.114; 31.204.150.114; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4aaebafb-da1b-4a8f-9516-3aafc395db16
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://mwzeom.zeotap.com/mw?adnxs_uid=8116403588374953936&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6c9b3b6&zdid=1258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6c9b3b6&...
https://mwzeom.zeotap.com/mw?google_gid=CAESEJ-RKfdbS49Eyg4IcKqoyl8&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8...

95 B
153 B

47ms
47ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEJ-RKfdbS49Eyg4IcKqoyl8&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6c9b3b6&zdid=1258
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://freefirebrr.online
access-control-allow-credentials: true
cf-ray: 72f8d453d851bbb3-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 24 Jul 2022 01:19:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEJ-RKfdbS49Eyg4IcKqoyl8&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6c9b3b6&zdid=1258
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 446
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 141ms
44ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D1d33528d-f855-413c-4a65-653aee91ed25%26reqId%3Df568d090-ac3c-4fd2-4b8d-587df6c9b3b6%26zdid%3D1258&gdpr=1&gdpr_consent=
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 01:19:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=1d33528d-f855-413c-4a65-653aee91ed25&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=1d33528d-f855-413c-4a65-653aee91ed25&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=77240531179308488102004556006429375656&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6...

95 B
154 B

43ms
43ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=77240531179308488102004556006429375656&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6c9b3b6&zdid=1258
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://freefirebrr.online
access-control-allow-credentials: true
cf-ray: 72f8d454b946bbb3-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-2-v037-07258d3f1.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: jjAS2q7xR80=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=77240531179308488102004556006429375656&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6c9b3b6&zdid=1258
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=NLD&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6c9b3b6&zdid=1258
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=NLD&zdid=1258&cid=MJVNGQ3ZcbEIHb1HObtaNWroZkhAnYaq%2BS41iYitP1U%3D

95 B
153 B

50ms
50ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=NLD&zdid=1258&cid=MJVNGQ3ZcbEIHb1HObtaNWroZkhAnYaq%2BS41iYitP1U%3D
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://freefirebrr.online
access-control-allow-credentials: true
cf-ray: 72f8d453f8aebbb3-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 24 Jul 2022 01:19:45 GMT
server: AAWebServer
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=NLD&zdid=1258&cid=MJVNGQ3ZcbEIHb1HObtaNWroZkhAnYaq%2BS41iYitP1U%3D
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D1d33528d-f855-413c-4a65-653ae...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6c9b3b6&zdid=1258

95 B
153 B

46ms
46ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6c9b3b6&zdid=1258
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://freefirebrr.online
access-control-allow-credentials: true
cf-ray: 72f8d4548926bbb3-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=pageview&id_mid_4=1d33528d-f855-413c-4a65-653aee91ed25&reqId=f568d090-ac3c-4fd2-4b8d-587df6c9b3b6&zdid=1258
date: Sun, 24 Jul 2022 01:19:45 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H/1.1 200
OK wckr.php Show response
tag.leadplace.fr/ Frame 3E6F 0
247 B 40ms
40ms Document
text/html 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Ffreefirebrr.online%2F&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Content-Type: text/html; charset=UTF-8
Date: Sun, 24 Jul 2022 01:19:45 GMT
Server: nginx/1.14.2
Transfer-Encoding: chunked
X-IPLB-Instance: 30196
X-IPLB-Request-ID: 1FCC9672:D146_91EFC0A6:01BB_62DC9E30_4D794D29:232F9

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 846 B
1 KB 195ms
45ms Script
application/javascript 52.49.3.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12763&ref=&url=https%3A%2F%2Ffreefirebrr.online%2F&hn_ver=40&fid=1ed88359-15b1-46ac-a57c-e9695877b26b

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12763/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.3.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-3-229.eu-west-1.compute.amazonaws.com

Software

Resource Hash

52e68328b9a11982d5fbe1833d8e370288db11b2f9ecd346abb00c4c61461cf2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 24 Jul 2022 01:19:45 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 846
Expires: Mon, 11 Jul 2022 15:22:25 UTC

GET s
kvt.sddan.com/api/v1/public/p/29567/d/50/ 0
0

GET
H2 200 pixel;r=199431631;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Ffreefirebrr.online%2F;uht=2;fpan=1;fpa=P0-1489012500-1658625585095;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5...
pixel.quantserve.com/ 35 B
371 B 49ms
39ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=199431631;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Ffreefirebrr.online%2F;uht=2;fpan=1;fpa=P0-1489012500-1658625585095;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-20220713234410;cm=;gdpr=0;ref=;d=freefirebrr.online;dst=0;et=1658625585095;tzo=0;ogl=locale.pt_BR%2Ctype.website%2Ctitle.Not%C3%ADcias%20Free%20Fire%20Brasil%20atualizadas%20!!!%2Cdescription.Fique%20por%20dentro%20das%20%C3%BAltimas%20novidades%20e%20lan%C3%A7amentos%20de%20jogos%20para%20celular%20e%20tab%2Curl.http%3A%2F%2Ffreefirebrr%252Eonline%2F%2Csite_name.Not%C3%ADcias%20Free%20Fire%20Brasil%20atualizadas%20!!!

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 01:19:45 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 227ms
31ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 24 Jul 2022 01:19:45 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1048
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
529 B 273ms
46ms XHR
application/x-javascript 54.217.253.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.253.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-253-87.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 01:19:45 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Jul 2022 01:19:45 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://freefirebrr.online
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
509 B 201ms
115ms XHR
application/json 35.158.200.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.1.0&referrer=https%3A%2F%2Ffreefirebrr.online%2F&tmax=3000

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.200.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-200-114.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 01:19:45 GMT
accept-ch: sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
content-type: application/json; charset=utf-8
access-control-allow-origin: https://freefirebrr.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 158 KB
37 KB 207ms
207ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

89ba0e7994aba0b9d30a3f033748d2b023dde8b643904a31e6d7207a29c4b0dd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 24 Jul 2022 01:19:45 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 31.204.150.114; 31.204.150.114; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b2d0f7e7-678b-4aac-9e97-adcc6afc5f0e
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://freefirebrr.online
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/2a156/1/freefirebrr.online/ 2 B
160 B 92ms
28ms XHR
text/plain 46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/2a156/1/freefirebrr.online/ROS?rnd=0.3365528965179543&e=video%3A300x250%2C300x50%2C355x50%2C640x480%2B26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26711%3A300x250%2C300x168%2B26300%3A300x250%2C300x168%2B39287%3A970x250%2C970x90%2C1000x30%2C1000x90%2C800x250%2C950x250%2C900x250%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B30012%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B26324%3A120x600&ur=https%3A%2F%2Ffreefirebrr.online%2F&pbv=7.1.0&ncb=1&vs=FFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Ffreefirebrr.online%2F&e_id5id=%257B%2522uid%2522%253A%25220%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A0%257D%257D&e_pubcid=289a4f7d-31c2-4834-8439-feb74b83fdd1
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://freefirebrr.online
date: Sun, 24 Jul 2022 01:19:45 GMT
access-control-allow-credentials: true
server: openresty
content-type: text/plain
content-length: 2
x-sid: AMS-746

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 1 KB
4 KB 782ms
639ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39528&zone_id=1124612%3B1078210%3B1078210%3B1078294%3B1078294%3B1078210%3B1078210&size_id=15%3B55%3B2%3B2%3B15%3B15%3B8&alt_size_ids=2%2C55%2C58%2C221%3B57%2C58%2C125%3B19%2C43%2C44%2C117%3B19%2C43%2C44%2C117%3B%3B%3B&p_pos=atf&rp_schain=1.0,1!themoneytizer.com,30922,1,,,&eid_pubcid.org=289a4f7d-31c2-4834-8439-feb74b83fdd1%5E1&rf=https%3A%2F%2Ffreefirebrr.online&kw=96482&tg_i.name=freefirebrr.online&tg_i.siteid=96482&tg_i.pbadslot=%2F96482%2Ffreefirebrr.online%2Fdesktop%2F26328%3B%2F96482%2Ffreefirebrr.online%2Fdesktop%2F39287%3B%2F96482%2Ffreefirebrr.online%2Fdesktop%2F26322%3B%2F96482%2Ffreefirebrr.online%2Fdesktop%2F30012%3B%2F96482%2Ffreefirebrr.online%2Fdesktop%2F26711%3B%2F96482%2Ffreefirebrr.online%2Fdesktop%2F26300%3B%2F96482%2Ffreefirebrr.online%2Fdesktop%2F26324&tk_flint=pbjs_lite_v7.1.0&x_source.tid=b38d137e-56af-424e-ad2e-51883fb78ab3%3B4a758ce1-d56d-4884-9881-00d622f64b95%3Bde7484a9-81f2-4fd0-9a71-2b052aa4f39a%3Bfee65588-cfea-4b14-bb39-fb3b56dcf219%3B97b6e0fc-6d15-4da8-baa1-2339d9de488a%3B1ac3910f-31f9-433e-a524-42155a79962f%3B8344b516-adeb-489a-bd22-312c88cb599f&l_pb_bid_id=29444e05d6505b8%3B3099bc2e76c346e%3B31250ed1f1f9291%3B32522fb9dd3a301%3B3360bc422f3a23%3B34fca10b9c65d27%3B35e61f7ef404f2e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F96482%2Ffreefirebrr.online%2Fdesktop%2F26328%3B%2F96482%2Ffreefirebrr.online%2Fdesktop%2F39287%3B%2F96482%2Ffreefirebrr.online%2Fdesktop%2F26322%3B%2F96482%2Ffreefirebrr.online%2Fdesktop%2F30012%3B%2F96482%2Ffreefirebrr.online%2Fdesktop%2F26711%3B%2F96482%2Ffreefirebrr.online%2Fdesktop%2F26300%3B%2F96482%2Ffreefirebrr.online%2Fdesktop%2F26324&slots=7&rand=0.8285584501979903
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d814270b526e641371aa0a33d22b2ea535648c97976657a6259ebc7745747fd2

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 01:19:45 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://freefirebrr.online
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 396
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
116 B 148ms
37ms XHR
text/plain 52.59.116.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.116.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-116-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://freefirebrr.online
date: Sun, 24 Jul 2022 01:19:45 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
115 B 266ms
155ms XHR
text/plain 52.59.116.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.116.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-116-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://freefirebrr.online
date: Sun, 24 Jul 2022 01:19:45 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
115 B 197ms
86ms XHR
text/plain 52.59.116.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.116.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-116-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://freefirebrr.online
date: Sun, 24 Jul 2022 01:19:45 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
115 B 212ms
102ms XHR
text/plain 52.59.116.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.116.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-116-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://freefirebrr.online
date: Sun, 24 Jul 2022 01:19:45 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
115 B 181ms
71ms XHR
text/plain 52.59.116.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.116.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-116-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://freefirebrr.online
date: Sun, 24 Jul 2022 01:19:45 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
115 B 180ms
70ms XHR
text/plain 52.59.116.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.116.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-116-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://freefirebrr.online
date: Sun, 24 Jul 2022 01:19:45 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
115 B 180ms
71ms XHR
text/plain 52.59.116.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.116.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-116-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://freefirebrr.online
date: Sun, 24 Jul 2022 01:19:45 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
77 B 150ms
85ms XHR
application/json 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://freefirebrr.online
access-control-allow-credentials: true
cf-ray: 72f8d4542815b975-AMS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
76 B 140ms
74ms XHR
application/json 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://freefirebrr.online
access-control-allow-credentials: true
cf-ray: 72f8d4542816b975-AMS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
77 B 144ms
79ms XHR
application/json 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://freefirebrr.online
access-control-allow-credentials: true
cf-ray: 72f8d4542817b975-AMS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
77 B 140ms
75ms XHR
application/json 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://freefirebrr.online
access-control-allow-credentials: true
cf-ray: 72f8d4542818b975-AMS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
439 B 138ms
74ms XHR
application/json 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://freefirebrr.online
access-control-allow-credentials: true
cf-ray: 72f8d4542819b975-AMS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
77 B 142ms
78ms XHR
application/json 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://freefirebrr.online
access-control-allow-credentials: true
cf-ray: 72f8d454281bb975-AMS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
77 B 142ms
78ms XHR
application/json 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://freefirebrr.online
access-control-allow-credentials: true
cf-ray: 72f8d454281cb975-AMS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
77 B 139ms
75ms XHR
application/json 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://freefirebrr.online
access-control-allow-credentials: true
cf-ray: 72f8d454281db975-AMS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 75 B
373 B 147ms
80ms XHR
text/html 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=96482&adid=11&formatid=video&size=desktop&country=undefined
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

x-77-nzt: AcO1rgV/gbvLoXQBAA
x-accel-expires: @1658711985
date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: vHSSx39fgH4
vary: Origin
x-77-cache: MISS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://freefirebrr.online
cache-control: public, max-age=86400
x-cache: EXPIRED
x-age: 95393
x-77-pop: frankfurtDE

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 628 B
650 B 143ms
77ms XHR
text/html 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=96482&adid=31&formatid=39287&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 99783840423ad21745b31d030e560320f8bafbe2b00ba77d03e0078f2e0fe6b7

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

x-77-nzt: AcO1rgWm2GnLoXQBAA
x-accel-expires: @1658711985
date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: Nt7EcOB0uQk
vary: Origin
x-77-cache: MISS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://freefirebrr.online
cache-control: max-age=86400
x-cache: EXPIRED
x-age: 95393
x-77-pop: frankfurtDE

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 624 B
651 B 144ms
77ms XHR
text/html 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=96482&adid=1&formatid=26322&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c66b6c520bc8f03c7641867eb6bdd5e8bcfc30d04499d46797d94ce98fc5799b

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

x-77-nzt: AcO1rgVLD0vLoXQBAA
x-accel-expires: @1658711985
date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: aps98lPmu3o
vary: Origin
x-77-cache: MISS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://freefirebrr.online
cache-control: public, max-age=86400
x-cache: EXPIRED
x-age: 95393
x-77-pop: frankfurtDE

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 631 B
655 B 146ms
80ms XHR
text/html 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=96482&adid=28&formatid=30012&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b06107002a7e2d18582fcec3bccb39f46a316c26093769260e14e17a4dfbf39e

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

x-77-nzt: AcO1rgVfXqjLoXQBAA
x-accel-expires: @1658711985
date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: UGwZ73yQuYY
vary: Origin
x-77-cache: MISS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://freefirebrr.online
cache-control: max-age=86400
x-cache: EXPIRED
x-age: 95393
x-77-pop: frankfurtDE

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 627 B
649 B 148ms
82ms XHR
text/html 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=96482&adid=19&formatid=26711&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1b71847575859881bb8360cdb94db69b2992aefaf90465c93ca3077522df5f0a

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

x-77-nzt: AcO1rgUlprXLoXQBAA
x-accel-expires: @1658711985
date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: kG6wLVutPNs
vary: Origin
x-77-cache: MISS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://freefirebrr.online
cache-control: max-age=86400
x-cache: EXPIRED
x-age: 95393
x-77-pop: frankfurtDE

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 626 B
648 B 148ms
82ms XHR
text/html 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=96482&adid=2&formatid=26300&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 488397c1e6080e41814b64cd43191ddc630a928a8aa95349bfa77d76bd1a80b9

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

x-77-nzt: AcO1rgVeTw3LoXQBAA
x-accel-expires: @1658711985
date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: WWVO3P6oxX0
vary: Origin
x-77-cache: MISS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://freefirebrr.online
cache-control: max-age=86400
x-cache: EXPIRED
x-age: 95393
x-77-pop: frankfurtDE

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 627 B
652 B 144ms
79ms XHR
text/html 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=96482&adid=4&formatid=26324&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 047bb3d603b0eab19f5ee24f9e6881bde68096e69d460d73c3ec20e57c92a502

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

x-77-nzt: AcO1rgVDQAbLoXQBAA
x-accel-expires: @1658711985
date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: lZz/mS34Dxk
vary: Origin
x-77-cache: MISS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://freefirebrr.online
cache-control: max-age=86400
x-cache: EXPIRED
x-age: 95393
x-77-pop: frankfurtDE

POST
H2 204 pb Show response
ad.360yield.com/ 0
171 B 192ms
51ms XHR
text/plain 54.154.103.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.103.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-103-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://freefirebrr.online
date: Sun, 24 Jul 2022 01:19:45 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H/1.1 204
No Content / Show response
b1h.zemanta.com/api/bidder/prebid/bid/ 0
124 B 421ms
100ms XHR
text/plain 64.202.112.127
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://freefirebrr.online
Access-Control-Allow-Credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
278 B 96ms
35ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://freefirebrr.online
date: Sun, 24 Jul 2022 01:19:44 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 8
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 122 KB
30 KB 310ms
245ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d46f8343e38c8581a94f8b9cc4566db275821d312299fe6105daf70a76cf3b93

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 24 Jul 2022 01:19:45 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 31.204.150.114; 31.204.150.114; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e2fdfb5c-c45c-4e2b-a29a-64f95711ec44
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://freefirebrr.online
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
365 B 36ms
36ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://freefirebrr.online
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
600 B 113ms
42ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 638b6851aa89d856a997b5e96feef9e3529f109a761d27e2b07c8bb34ad59183

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 72f8d4544effb7c7-AMS
pragma: no-cache
date: Sun, 24 Jul 2022 01:19:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
x-warn: Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://freefirebrr.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
server: cloudflare
expires: 0

GET
H2 200 UCookieSetPug
image2.pubmatic.com/AdServer/ 0
225 B 103ms
27ms Image
text/html 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D1ed88359-15b1-46ac-a57c-e9695877b26b
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D1ed88359-15b1-46ac-a57c-e9695877b26b&gdpr=0
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=1ed88359-15b1-46ac-a57c-e9695877b26b&gdpr=0&cklb=1

0
316 B

34ms
34ms

Image
text/plain

185.86.137.110
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=1ed88359-15b1-46ac-a57c-e9695877b26b&gdpr=0&cklb=1
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: HTTP/1.1
Server: 185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 01:19:45 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=1ed88359-15b1-46ac-a57c-e9695877b26b&gdpr=0&cklb=1
pragma: no-cache
date: Sun, 24 Jul 2022 01:19:45 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=1ed88359-15b1-46ac-a57c-e9695877b26b
https://s.cpx.to/ca.png?dsp=dbm&fid=1ed88359-15b1-46ac-a57c-e9695877b26b&google_gid=CAESENtPuKn6prtBwIynPtP6eIo&google_cver=1

95 B
804 B

82ms
43ms

Image
image/png

52.49.3.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=1ed88359-15b1-46ac-a57c-e9695877b26b&google_gid=CAESENtPuKn6prtBwIynPtP6eIo&google_cver=1

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

HTTP/1.1

Server

52.49.3.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-3-229.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 24 Jul 2022 01:19:45 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Sun, 24 Jul 2022 01:19:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=1ed88359-15b1-46ac-a57c-e9695877b26b&google_gid=CAESENtPuKn6prtBwIynPtP6eIo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
264 B 45ms
44ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 01:19:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3D%26url%3Dhttps%253A%252F%252Ffreefirebrr.online%252F%26hn_ver%3D40%26fid%3D1ed88359-1...
https://s.cpx.to/an_fire?app_nexus_uid=8116403588374953936&pid=12763&ref=&url=https%3A%2F%2Ffreefirebrr.online%2F&hn_ver=40&fid=1ed88359-15b1-46ac-a57c-e9695877b26b

95 B
865 B

44ms
43ms

Image
image/png

52.49.3.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=8116403588374953936&pid=12763&ref=&url=https%3A%2F%2Ffreefirebrr.online%2F&hn_ver=40&fid=1ed88359-15b1-46ac-a57c-e9695877b26b

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

HTTP/1.1

Server

52.49.3.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-3-229.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 24 Jul 2022 01:19:45 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sun, 24 Jul 2022 01:19:45 UTC

Redirect headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 01:19:45 GMT
X-Proxy-Origin: 31.204.150.114; 31.204.150.114; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a20fce20-8664-47c2-9af5-fb2b5c37be32
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=8116403588374953936&pid=12763&ref=&url=https%3A%2F%2Ffreefirebrr.online%2F&hn_ver=40&fid=1ed88359-15b1-46ac-a57c-e9695877b26b
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H/1.1 204
No Content genericpost
ww1097.smartadserver.com/ Frame 0
0 154ms
33ms Preflight 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/genericpost
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,save-data
Access-Control-Request-Method: POST
Origin: https://freefirebrr.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,save-data
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://freefirebrr.online
date: Sun, 24 Jul 2022 01:19:46 GMT
vary: Origin

OPTIONS
H/1.1 204
No Content genericpost
ww1097.smartadserver.com/ Frame 0
0 151ms
32ms Preflight 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/genericpost
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,save-data
Access-Control-Request-Method: POST
Origin: https://freefirebrr.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,save-data
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://freefirebrr.online
date: Sun, 24 Jul 2022 01:19:45 GMT
vary: Origin

POST
H/1.1 200
OK genericpost Show response
ww1097.smartadserver.com/ 605 B
702 B 164ms
97ms XHR
application/javascript 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: dfa9611868d33a45d19da41a82b457d94fc88062d8f182e7bc1e9b7c43f6a462

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
Save-Data: off
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type: application/javascript

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 01:19:45 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://freefirebrr.online
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
272 B 41ms
41ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=96482&f=28&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96482&formatId=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 24 Jul 2022 01:19:46 GMT
Server: nginx
X-IPLB-Request-ID: 1FCC9672:8542_36264064:01BB_62DC9E30_1A86730B:12783
X-IPLB-Instance: 41595
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK genericpost Show response
ww1097.smartadserver.com/ 587 B
698 B 178ms
110ms XHR
application/javascript 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 86a52b768e84fafc11bf154a9e66dbeee54c99a138c8e06b570d9d75a1f370b6

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
Save-Data: off
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type: application/javascript

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 01:19:46 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://freefirebrr.online
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
282 B 39ms
39ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=96482&f=31&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=96482&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 01:19:46 GMT
Server: nginx
X-IPLB-Request-ID: 1FCC9672:8534_36264064:01BB_62DC9E30_1A82AF7E:2F1DF
X-IPLB-Instance: 24858
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
geo: rbx

GET
H3 200 render_post_ads_v1.html Show response
googleads.g.doubleclick.net/pagead/ Frame 5310 13 KB
5 KB 33ms
32ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freefirebrr.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 69154
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 4980
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 06:07:12 GMT
etag: 12223946614886178233
expires: Sun, 24 Jul 2022 06:07:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame 9BD3 11 KB
5 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05fdf9059f82368fa058a4fed88c9b56263934d770af68ea301f57f80be88ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 00:24:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3313
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4665
x-xss-protection: 0
server: cafe
etag: 1690156577369591742
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 24 Jul 2022 01:24:33 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/224/ Frame 9BD3 85 KB
29 KB 160ms
40ms Script
application/x-javascript 104.90.104.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/224/trk.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.90.104.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-226.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 01:19:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 08:58:20 GMT
Server: AkamaiNetStorage
ETag: "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29216
Expires: Mon, 24 Jul 2023 01:19:46 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 9BD3 0
817 B 109ms
32ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffreefirebrr.online%252F&e=wqT_3QKSBvBMEgMAAAMA1gAFAQixvPKWBhCttqeqwJO7lVkY0P-tlvrB0NFwKjYJpyIVxhaC3j8RETBfA8eK2j8ZAAAAQDMz0z8hETBfA8eK2j8ppyIJJAAxARvA4XqkPzCokdEMOMNGQOUeSGVQp6LLJVj8nJcBYABo-4ypAXjZ1QWAAQGKAQNVU0SSAQEG8GGYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AK54QPgAtaXXOoCG2h0dHBzOi8vZnJlZWZpcmVicnIub25saW5lL4ADAIgDAZADAJgDF6ADAaoD6gEKvwFodAkxcHBhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tDR5EL2dlbl8yMDQ_aWQ9YXdiaWQmBQb0BQFfYj1BS0FtZi1CdktjNnFLQjFhay1EZVZ1TEQ2aHlDMXBuNFVtaDhJbzl2NWxnb01JNGlRSzRKYWxXRGIxTG9KSEhzUWllTE9HU2JybV9SeGRNcE9WZXVXQW9BR3VXMHFNZGZGQSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM2NDI1MjA3OTczMjQ1MjEzNDg1Igg3ODgyNzgxNSoEMzk0MToBMMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1MC4xMTSoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEIcxYiAUBmAUAoAXoyNDx1P63yQTABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBYDOA_oFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBu6PAdoGFgoQCRIZAaAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxMDQ2MTEzMjkxMTG6Bw8IAAEpQCAAMAA41RVAAMgH2dUF0gcNFYYBHgjaBwYJJ2jgBwDqBwIIAPAH67cwiggCEACVCAAAgD-YCAE.&s=305745359890eda2e51148488d33faaac05dab3e

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 01:19:46 GMT
X-Proxy-Origin: 31.204.150.114; 31.204.150.114; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 65042c1a-2447-481e-b4aa-5818d92663a7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BD3 0
20 B 68ms
67ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-DLUCvdCEvMCMhEHZJEdOab24CkxImwv5UT1rvDzXwAiOOYHxGrmvnKiHWhmsfbmYYWtvsul9caeJKD-XkOXvWYPSijng

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 01:19:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK script.js Show response
acdn.adnxs-simple.com/strikeforce/ Frame 7531 119 KB
42 KB 330ms
97ms Script
application/javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 44ce5487a962cfa990086c2190a76e047feb5cc24d164e9284dcaace3536d531

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 01:19:46 GMT
Content-Encoding: gzip
Age: 70604
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 42477
X-Served-By: cache-lga21965-LGA, cache-ewr18153-EWR
Access-Control-Allow-Origin: *
Last-Modified: Wed, 06 Jul 2022 14:51:36 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1658625587.663270,VS0,VE0
ETag: W/"62c5a178-1da28"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Mon, 11 Jul 2022 05:44:09 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 2, 18354

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7531 0
20 B 67ms
67ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-BJPnZ5glctwLSKICvI_1l_P-Qvs6eunLLf7bixYLQfcqodXc0Hg6G6zq4G9qCD6W9mJXP6hRKWZW8uY3v9s8tzky2_F7VUMveJvOggNaDE8Ks3Vew

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 01:19:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame 7531 11 KB
5 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05fdf9059f82368fa058a4fed88c9b56263934d770af68ea301f57f80be88ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 00:24:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3313
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4665
x-xss-protection: 0
server: cafe
etag: 1690156577369591742
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 24 Jul 2022 01:24:33 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/224/ Frame 7531 85 KB
29 KB 147ms
39ms Script
application/x-javascript 104.90.104.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/224/trk.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.90.104.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-226.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 01:19:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 08:58:20 GMT
Server: AkamaiNetStorage
ETag: "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29216
Expires: Mon, 24 Jul 2023 01:19:46 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 7531 0
817 B 122ms
33ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffreefirebrr.online%252F&e=wqT_3QKmBvBMJgMAAAMA1gAFAQixvPKWBhC-kpXvp8774QEY0P-tlvrB0NFwKjYJ1jpxOV6BBEARrywLBfA_AkAZAAAAgOtR4D8hrywLBfA_AkAp1joJJNAxAAAAIIXrsT8w6sLODDiVHEDlHkhlUK2iyyVYwoCgAWAAaIz4Tnj82AWAAQGKAQNVU0SSAQEG8GGYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8kPgAuWWLOoCG2h0dHBzOi8vZnJlZWZpcmVicnIub25saW5lL4ADAIgDAZADAJgDF6ADAaoD_gEK1AFodAkxcHBhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tDR5EL2dlbl8yMDQ_aWQ9YXdiaWQmBQb0gQFfYj1BS0FtZi1CM3F0cEx2THUtS28xMGUtWVFHd1pVd3YyVVZ1aEtXc0Zhd1ZvUDJabklJOHZyMTQ5WlY4Y0c0cFIwb18xWE9zWlNNOWQtMjZyY3hTWGs3aDFmSVgxT1B1ajFlT3VBZjE5akIzb3lNR1Q0dWk0M2prWSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhIxMjcyMDczOTAwMDIzNjY3ODIiCDc4ODI3ODIxKgQzOTQxOgEwwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUwLjExNKgEALIEEAgAEAEYygcg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEraLLJYgFAZgFAKAF3tn04PCip8wPwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFvOAb-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAlNoBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEzNjUyMjM1MjM3OboHDwgAASlEIAAwADjVFUAAyAf82AXSBw0JCUUAAAVHCNoHBgknaOAHAOoHAggA8AfrtzCKCAIQAJUIAACAP5gIAQ..&s=2f4c615d9c05e5154a7cfc3e0ab146856075426d

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 01:19:46 GMT
X-Proxy-Origin: 31.204.150.114; 31.204.150.114; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a4e2b170-5b48-40b1-89ed-efca2e216fb6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F0BB 52 KB
17 KB 299ms
97ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=9027&pub_id=1885960
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://freefirebrr.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 72634
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 24 Jul 2022 01:19:46 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 20 Jul 2022 05:09:06 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 194600
X-Served-By: cache-lga13622-LGA, cache-ewr18149-EWR
X-Timer: S1658625587.657598,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 9BD3 0
817 B 69ms
33ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffreefirebrr.online%2F&e=wqT_3QKrLugrFwAAAwDWAAUBCLG88pYGEMTtnvn5zoO1LhjQ_62W-sHQ0XAqNgkjg9xFmKLpPxGmNA8edU3mPxkAAAECDOA_IaYNEgApESQAMQEZwAAA4D8wrJHRDDjDRkDlHkhlUKGf6SRY_JyXAWAAaPuMqQF42dUFgAEBigEDVVNEkgEBBvSXApgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AK54QPgAtaXXOoCG2h0dHBzOi8vZnJlZWZpcmVicnIub25saW5lL_ICDQoGSEVJR0hUEgMyNTDyAgwKBVdJRFRIEgMzMDDyAiEKBkxPQURFUhIXcmVuZGVyX3Bvc3RfYWRzX3YxLmh0bWzyAhgKCklGUkFNRV9LRVkSCjIwMDYzNzc1MTXyAr8VCgtQUkVfU0NSSVBUUxKvFTxzY3JpcHQ-KGZ1bmN0aW9uKCl7LyoKCiBDb3B5cmlnaHQgVGhlIENsb3N1cmUgTGlicmFyeSBBdXRob3JzLgogU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAKKi8KdmFyIGg9dGhpc3x8c2VsZjsvKgoKIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wCiovCnZhciBrPUFycmF5LnByb3RvdHlwZS5pbmRleE9mP2Z1bmN0aW9uKGEsYyl7cmV0dXJuIEFycmF5LnByb3RvdHlwZS5pbmRleE9mLmNhbGwoYSxjLHZvaWQgMCl9OmZ1bmN0aW9uKGEsYyl7aWYoInN0cmluZyI9PT10eXBlb2YgYSlyZXR1cm4ic3RyaW5nIiE9PXR5cGVvZiBjfHwxIT1jLmxlbmd0aD8tMTphLmluZGV4T2YoYywwKTtmb3IodmFyIGQ9MDtkPGEubGVuZ3RoO2QrKylpZihkIGluIGEmJmFbZF09PT1jKXJldHVybiBkO3JldHVybi0xfTtmdW5jdGlvbiBsKGEpe2xbIiAiXShhKTtyZXR1cm4gYX1sWyIgIl09ZnVuY3Rpb24oKXt9O2Z1bmMhziAgbihhKXthPXYF7kA9PT1hP2RvY3VtZW50OmE7ciksKGEuY3JlYXRlRWxlARkoKCJpbWciKX07ZnUpWZAgcChhLGMsZCl7YS5nb29nbGVfaW1hZ2VfcmVxdWVzdHN8fChhVhoAOD1bXSk7dmFyIGI9bihhLhF8HCk7aWYoZCl7ARoEZT0RaAgoKXsZFwRmPVptAEQsZz1rKGYsYik7MDw9ZyYmQXI2FwKoc3BsaWNlLmNhbGwoZixnLDEpfWIucmVtb3ZlRXZlbnRMaXN0ZW5lciYmYk4XADQoImxvYWQiLGUsITEpO7Y6ABBlcnJvcg07GH07Yi5hZGRCcwA-FAA-cAA-IAAEJiZGSAAAKDZqABxiLnNyYz1jO1oxARgucHVzaChiLtEBBHEoKXwEYT0xkjQuY3VycmVudFNjcmlwdE0aACgyOQIwbnVsbDphKSYmIjc3IkFLaC5nZXRBdHRyaWJ1dGUoImRhdGEtamMiKT9hOhVXPHF1ZXJ5U2VsZWN0b3IoJ1sNJQA9AUQMXScpfUUdLHI9UmVnRXhwKCJeaKEd4D86Ly8oXFx3fC0pK1xcLmNkblxcLmFtcHByb2plY3RcXC4obmV0fG9yZykoXFw_fC98JCkiKTsKZlGxAHQV4ABoBWEMYz1bXQUJBGQ9AcYMO2Rve0F7GGI9YTt0cnkFDABlQZMYZT0hIWImJgEkHCE9Yi5sb2NhYUYgLmhyZWYpYjp7AS2QbChiLmZvbyk7ZT0hMDticmVhayBifWNhdGNoKG0pe31lPSExfQFeCGY9ZRkXAGYBFgxpZihmKXkAZz5eAAw7ZD1idR8h9DVCJHJlZmVycmVyfHwBlyR9ZWxzZSBnPWQsDcsAYynfMG5ldyB1KGd8fCIiKSkF1RRhPWIucGEh1BmGAGEF_2x9fXdoaWxlKGEmJmIhPWEpO2I9MDtmb3IoYT1jjcp0LTE7Yjw9YTsrK2IpY1tiXS5kZXB0aD1hLWI7Yj1oISs5HgGuNSo4YW5jZXN0b3JPcmlnaW5zbhwADWsAPR11ACkJhgwxO2E8EYpMOysrYSlnPWNbYV0sZy51cmx8fCgFCC5CATp2ABRbYS0KMV0hDBgsZy5oPSEwAeMpIgBoGash1WXlAGclFiUCBGQ9MgQBHDA8PWQ7LS1koaxIZj1jW2RdLCFnJiZyLnRlc3QoZgGPICkmJihnPWYpLAUOLCYmIWYuaCl7Yj1mO0UbAH0NXQBkFeYEJiYBzAE7BDswQWUlWggmJmQFSAEbCCk7YwWtFHYoYixnKW2LGCBjLmc_Yy4F-gw6Yy5pAUAAfbE5BCB2oaEEKXvhXwQuaUHVGGhpcy5nPWMZIgB1HSIIdXJsESQUaD0hIWM7BS8FiCUKvfoAd3VJLHQoKSxjPWEuaW5kZcHePCI_Iik7c2V0VGltZW91dCgRjA0xAGTZcxhkPy4wMTpkQTVEIShNYXRoLnJhbmRvbSgpPmQpaQ8MYj1xKCGkACJl_zQ6Ly8iKyhiJiYidHJ1ZYFrAGJWawQ4LXJjZCIpPyJwYWdlYWQyzYMQc3luZGlpuSAtY24uY29tIjpmIwAFIAwpKyIvCUV4L2dlbl8yMDQ_aWQ9amNhJmpjPTc3JnZlcnNpb249IoVFDGU9KGUBsQwpJiZlWpkADTEwIil8fCJ1bmtub3duImHjXCtlKyImc2FtcGxlPSIrZDtiPXdpbmRvdwVYAGY5NBRmPyExOmYhMzRlPWIubmF2aWdhdG9yKTIOAFAudXNlckFnZW50LGU9L0Nocm9tZS9JmyBlKSYmIS9FZGcZERw_ITA6ITE7ZWGTFVEwLnNlbmRCZWFjb24_Ch1pHRgkKGQpOnAoYixkLCJFCAmeECl9fSwwVaBcMDw9Yz9hLnN1YnN0cmluZygwLGMpOmF9CeAMLnJmbC7oBxp6CGhlbmNvZGVVUklDb21wb25lbnQodygpKX07fSnpwUGaFCk7Cjwvc8WYbD7yAskCCgpFWFRSQV9UQUdTEroCPGRpdiBzdHkhUgxwb3NpobFkOiBhYnNvbHV0ZTsgbGVmdDogMHB4OyB0b3ANCmR2aXNpYmlsaXR5OiBoaWRkZW47Ij48aW1nIOFLVYdJFEpZAkE2DR4uMgIUYXdiaWQmBQbwhl9iPUFLQW1mLUFzcm9hR0JXdDk5QWU2WmY0WTdQUUFseDBHX2dZXzJiRXdSaEp6UjhwV05WeU8xRWNDMGozNXc3d0szWnRoRnBqRGRhSE9kQjZVX21tbWVrckVpOVNmZDdCUnRnIiBib3JkZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0iIjEaiGRpc3BsYXk6bm9uZSI-PC9kaXY-8gKaAQoMUE9TVF9TQ1JJDhEMBIkBGhEMNggBFvYJUGFkcy5nLmRvdWJsZWNsaWNrLm5ldDEGPHhiZmVfYmFja2ZpbGwuanMBZS21DVMAPp0kICB7cjNweCgnMiKdDBwnKTt9KSgpOz3rEPAPChBIAZ40UE9SVF9QQVJBTVMS2w-RJIqVAPB9YWRmZXRjaD9hZGs9Nzg1Mzg4NjQwJmFkc2FmZT1tZWRpdW0mY2xpZW50PWNhLXB1Yi0zMDc2ODkwMDEyNzQxNDY3JmZvcm1hdD0zMDB4MjUwX2FzJmlwPTMxLjIwNC4xNTAuMTE0Jm91dHB1dD1odG1sJnVudmlld2VkX3BvSYwgX3N0YXJ0PTEmoXcRvAhmcmU-_A0UJnN1Yl9jCY0AYkGT8H1yLTU2OTUwNDcmaGw9bmwmYWNlaWQ9TUhVWHRBQlpHTFFBNXh1MEFQbFZOQUg2V0RRQmptRTBBWFJsTkFINWNEUUJ3SFUwQVdoM05BR2FlRFFCbG5rMEFjbDZOQUgwZWpRQkNIczBBU3Q3TkFFNmV6UUJYSHMwQVY5N05BRnoBECxpSHMwQVpKN05BR2MBEBhwWHMwQWJOARAAMQEQBHRuARAUMTdOQUhQARD0kwdXMnhCQVV0elFRRlRjMEVCTHRQSkFmNUY1Z0hrLVlnQ24wQ3FBaWRDcWdJb1Fxb0NLVUtxQW14YnFnTFFZYW9DRW1pcUFsNXNxZ0lMYzZvQ21ucXFBcHQ2cWdMcWhxb0NqWXFxQW5HUHFnSlVrYW9DZ0p1cUFvR2JxZ0tDbTZvQ3lhT3FBcUtvcWdKY3Rxb0N6ODJxQW5EU3FnSWExS29DbHRTcUFxblVxZ0ttMnFvQ1ZkNnFBcURscWdJZjVxb0NxX0dxQXJfeHFnSTU4cW9Dc1BPcUFxcjBxZ0wwOWFvQ1NfYXFBbGY0cWdLcC1xb0NKZnVxQWtIN3FnS0ktNm9Dd3YycUF2VDlxZ0lEQXFzQ3FBS3JBcXdGcXdMMkJhc0Nid2FyQWhzSHF3SmtCNnNDZ2dlckFrZ0lxd0xfQ0tzQ2J3bXJBdjBKcXdMRURLc0NFUTJyQXM0TnF3TGJEYXNDOGcyckFyUVJxd0pjRXFzQ2JSS3JBZ3NVcXdJQUZhc0N2aGFyQW9FWHF3TERHYXNDRUJxckFuc2Nxd0pKSGFzQ2Z4MnJBb0VlcXdMOUhxc0N3aUNyQXNZZ3F3SXdJYXNDWFNHckFxQWhxd0tISXFzQ2tQTVVBOC16eFFYTW9UVVJ0YUg3RWhQSS14SmF5dnNTenRIN0VqUGkteEttNlBzU3FlXzdFcHZ5LXhJRS1mc1N6Zno3RXRyOC14Sk1fZnNTWVA3N0VsdWY2aFJvb3VvVXZ2UGxGdnBXYXhyVThGa29XUUNTS1EmZXhrPTIwMDYzNzc1MTUmYXdiaWRfYz1BS0FtZi1Bb2psNGdmNnZLREdPWG16YkNKSktGcUVJUkxacVlVcmFqNWNmWUZEVjBJR3RDdXQ4Vm1VTHBUbVFRYXJIX2hQV0ZZaTBGdjhFNldBalNwcE9fRms2QUNadXp2dEUxdlBNQ3pVeU9Fd1ZIYUwwb1R2ajIyVTluSUhzOFJXNDIwTUZIUFIzalQ4c0tlWWJET1B0eGhHdENEd0xWc1R1VWo0ajRrdkw1MzJlYVJTWnZlUzgmYXdiaWRfZD1BS0FtZi1CQkc5V1hyejFfVkJDRkZ5eXZpZzhfc3dybjQ3Vlh0ckdVMjg2RWhxR0U5cGY4RUI4STJkSGhNYnh3dmFENnlSOF8zTXV5ZVBqSlhxMlpWaFFYZHJZYUlGVlJaV3RwXzhMbjlaZld3S1dTeXB5Z3ZBelg1bWM5SE03SUdpRnlWTlAzTjFsQ3U4UzQtM3FTTzBDR1BQamgtRmMxNlpObFg5dk9vMnQtbkdsZnVUVURvbW5NOGJHVEYtY0h4RVktdnVZVndyWFlLSjhYR1BzVzdCS29tX1p6SVR6NEVzQWdzaUtNUUVndGFuc3NSVExORmZKdVdZV0FYYklaYkZRRTE1cmFKVmZVLUxqMlpSVW9jN05QR0tLaWdldEFRbmM2V2RUWHU0amw3WmRWU21rclI4amFWN1FjNWZ5alJNcnZvcGJhZGZuaHVHb1paUDREVFJQcEpUbWM1MU01NVNGLUl3NU9zdFJaSUh2WURKN09BTWRpZGRocjNiS200Z0Q3V2RtbU5LWmVPTEljaDBUV0hKajBVSzRlbVB5aDlEcDhQU1RCVmliX3Q4NWtaV2VxdEhTb0VzVlZuN0cwMEt5Zk1ENUxWNUVScG10cXk5SG5iZnBoLURRSGJhZ216dEhNN19nRzNnMm04SmJ1WWRSbm1ucEx4ZkRlc3JJV0NCbU5rdFVWU2dCRDRyWlVIbTQtYzJJQVc4RGZ0MmhjUmwxTnhRYWhtQ2FIRW9scW1XR1BIdWdWZWZBVnVDeW5Ydi1uZDBWUkNXX083Y3BCdUhST1Z3X21kVkNwWi1vRlVQWU82U085d19wcF9hbUxueGxUdGY3VFdtRWVtV3pQTExuenRjRXlCQnh3eTBRdHBXT0lkMDZfY0luTkJxRTdPdHF5TEs4YzA1RWNRWDVreURjajU3NVlhRTMwZnUyV2xhQTdyT29SVEtTQWlWV1kybXEtdkpyZ00xQjI5bzNnb2NOZlBjWERJX1NZd2I4UlYxRDRrVmcta2YzcXJJWjhvMzJZeFhVc2IzS2QmY2lkPUNBQVNCT1JvcGtJJmFfY2lkPYADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1MC4xMTSoBACyBBIIARAEGKwCIPoBKAEoAjAAOAa4BADABADIBADaBAIIAeAEAfAEoZ_pJIgFAZgFAKAF7rKXvYzTzsU6wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFvOAb-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEzOTM5ODU3MjM1OLoHDwgAEAAYACAAMAA41RVAAMgH2dUF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfrtzCKCAIQAJUIAACAP5gIAQ..&s=785b6b1a6ceb21bc2440ba84b7bec94e149df7f8&bdref=https%3A%2F%2Ffreefirebrr.online%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Ffreefirebrr.online%2F,https%3A%2F%2Ffreefirebrr.online%2F&

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 01:19:46 GMT
X-Proxy-Origin: 31.204.150.114; 31.204.150.114; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c66a22fe-a7ba-44f4-a3b0-9b313493b674
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame 5310 110 KB
40 KB 125ms
124ms XHR
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec045d7da7cbcac15cf15a3fbce0718d9603e62d91fbb1e8e99ba9ad531d64cb

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16949156056848288779/728x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16949156056848288779/728x90.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL70luetkPkCFTrwuwgd4ywG6w&gqi=Mp7cYvzlHK_X7_UPjai2sAQ&layout=/sadbundle/%24csp%253Der3%24/16949156056848288779/728x90.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16949156056848288779/728x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16949156056848288779/728x90.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL70luetkPkCFTrwuwgd4ywG6w&gqi=Mp7cYvzlHK_X7_UPjai2sAQ&layout=/sadbundle/%24csp%253Der3%24/16949156056848288779/728x90.html
content-encoding: br
x-content-type-options: nosniff
server: cafe
date: Sun, 24 Jul 2022 01:19:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40723
x-xss-protection: 0

POST
H2 204 auction Show response
intake.pbstck.com/v1/intake/ 0
34 B 80ms
71ms XHR
text/plain 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/auction?sId=dd8810a6&tId=fdd32483-319f-4510-9d88-f3049072942c&c=4&ctr=NL
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 24 Jul 2022 01:19:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 72f8d45be80a8fe0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

POST
H2 204 impression Show response
intake.pbstck.com/v1/intake/ 0
65 B 74ms
67ms XHR
text/plain 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/impression?sId=dd8810a6&tId=fdd32483-319f-4510-9d88-f3049072942c&c=2&ctr=NL
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 24 Jul 2022 01:19:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 72f8d45be8098fe0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 9BD3 0
842 B 33ms
33ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffreefirebrr.online%2F&e=wqT_3QKSBvBMEgMAAAMA1gAFAQixvPKWBhCttqeqwJO7lVkY0P-tlvrB0NFwKjYJpyIVxhaC3j8RETBfA8eK2j8ZAAAAQDMz0z8hETBfA8eK2j8ppyIJJAAxARvA4XqkPzCokdEMOMNGQOUeSGVQp6LLJVj8nJcBYABo-4ypAXjZ1QWAAQGKAQNVU0SSAQEG8GGYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AK54QPgAtaXXOoCG2h0dHBzOi8vZnJlZWZpcmVicnIub25saW5lL4ADAIgDAZADAJgDF6ADAaoD6gEKvwFodAkxcHBhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tDR5EL2dlbl8yMDQ_aWQ9YXdiaWQmBQb0BQFfYj1BS0FtZi1CdktjNnFLQjFhay1EZVZ1TEQ2aHlDMXBuNFVtaDhJbzl2NWxnb01JNGlRSzRKYWxXRGIxTG9KSEhzUWllTE9HU2JybV9SeGRNcE9WZXVXQW9BR3VXMHFNZGZGQSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM2NDI1MjA3OTczMjQ1MjEzNDg1Igg3ODgyNzgxNSoEMzk0MToBMMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1MC4xMTSoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEIcxYiAUBmAUAoAXoyNDx1P63yQTABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBYDOA_oFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBu6PAdoGFgoQCRIZAaAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxMDQ2MTEzMjkxMTG6Bw8IAAEpQCAAMAA41RVAAMgH2dUF0gcNFYYBHgjaBwYJJ2jgBwDqBwIIAPAH67cwiggCEACVCAAAgD-YCAE.&s=305745359890eda2e51148488d33faaac05dab3e&type=nv&nvt=5&jm=1003&px=613&py=5569&bw=728&bh=90&sid=2006596241463028839&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26495144&sw=1600&sh=1200&pw=1600&ph=5730&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 01:19:46 GMT
X-Proxy-Origin: 31.204.150.114; 31.204.150.114; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e2fdbc98-1cdd-409f-83dc-4d42267f9306
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://freefirebrr.online
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 728x90.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16949156056848288779/ Frame 687A 248 KB
89 KB 163ms
67ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16949156056848288779/728x90.html

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e641c3063dd0ca25ef7274e13198fe9eac2606e4ef7dd4b17eb07c98991bf3c0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 217724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 89701
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 12:51:02 GMT
expires: Fri, 21 Jul 2023 12:51:02 GMT
last-modified: Wed, 21 Apr 2021 08:26:37 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 5310 27 KB
11 KB 129ms
35ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3d0340c3bfad8cbb5a5fd678d4764a09007adda01e47d03f13de6edfb0ea222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 00:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10526
x-xss-protection: 0
server: cafe
etag: 4815257668744283084
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 00:10:35 GMT

GET
H2 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 5310 3 KB
2 KB 157ms
63ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 00:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1431
x-xss-protection: 0
server: cafe
etag: 17826921741551292351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 00:22:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5310 138 KB
43 KB 140ms
46ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Jul 2022 01:19:46 GMT

GET
H2 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 5310 25 KB
10 KB 133ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b27f9125f79c1eda4376b75ce18306c6f6ebe8a6c1cc25974f18e31cb2b916f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:08:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 650
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9870
x-xss-protection: 0
server: cafe
etag: 6433572839926360673
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 01:08:56 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5310 0
0 135ms
42ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQrtrwJY6JQxtYJJqU_zaHJSDMogQy0vsRhfsYDA9HL2LHPmZ2IkYMnQNbSfq9nypzVRcCekdoGApoWCF_WPg1yI9Je1w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5310 0
17 B 80ms
79ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CC4PFMZ7cYpuQEfaGnsEPh5qGkAHnzoX0XMTNvt7gC8_Xor3AARABIOaX1iVgkYSghYwYoAHz08vTA8gBCakCXCwWm2wisT6oAwHIA0iqBNgBT9AF_w9SCcJYXJynUoy2bEHi5fswnSGxkGxsgM_R4THi9TZqwQkmXuifCgNfOj6aUgfm2pg86pBW8YPRqFtE9Wntzs6sEJxstJEswNjw-CJOThjIDeDWs46pKciTx7MQ6vYrBv1pfbvOAnfa589UP2qJzCMHf8t-y-xIWGGWL6B_InHJTBwOQ9z9ctqC44nI0HyP-oTAfjyGvN4RlM_Wm_3NtQNAo40wpRWYyU3QGVR_Wf3fWyJArTZ35PXw7VMyEumN47Jlhk1lp6DsPtsqAkcxDxl9ju3dwATX6MjahQOSBQQIBBgBkgUECAUYBKAGLoAHt8aILagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA0ggRCIDhgBAQARgAMgKqAjoCgEDyCA5iaWRkZXItNTY5NTA0N4AKBMgLAdgTDNAVAYAXAbIXCAoGCAASABgA&sigh=siw2q0-1N7o&uach_m=[UACH]&pr=10:0.47669&template_id=419&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 24 Jul 2022 01:19:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F0BB 0
745 B 34ms
34ms Script
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=9027&pub_id=1885960&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=9027&pub_id=1885960

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 01:19:46 GMT
X-Proxy-Origin: 31.204.150.114; 31.204.150.114; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1fabee1c-05a2-45e4-a8d1-7a8fc2f728ca
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4013 143 B
163 B 35ms
34ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2446
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 00:39:00 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 687A 9 KB
3 KB 105ms
34ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16949156056848288779/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 09:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 24 Jul 2022 09:41:38 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 687A 26 KB
10 KB 107ms
36ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16949156056848288779/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 16:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 24 Jul 2022 16:14:17 GMT

GET
DATA 200
OK truncated
/ Frame 5310 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7cd79a2c9cc563b31930c0a46ad4b385f5aca42d750ef422d0a5e14f7137654

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4013
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

51ms
51ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 01:19:46 GMT
expires: Sun, 24 Jul 2022 01:19:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 01:19:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 171ms
111ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://freefirebrr.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Sun, 24 Jul 2022 01:19:46 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H3 200 1a Show response
i.clean.gg/ Frame 7531 0
15 B 167ms
114ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Jul 2022 01:19:47 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 render_post_ads_v1.html Show response
googleads.g.doubleclick.net/pagead/ Frame 2EB0 13 KB
5 KB 33ms
32ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Requested by

Host: freefirebrr.online
URL: https://freefirebrr.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freefirebrr.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 69154
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 4980
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 06:07:12 GMT
etag: 12223946614886178233
expires: Sun, 24 Jul 2022 06:07:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 848C 52 KB
17 KB 96ms
96ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3605&pub_id=2166378
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://freefirebrr.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 72634
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 24 Jul 2022 01:19:46 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 20 Jul 2022 05:09:06 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 194602
X-Served-By: cache-lga13622-LGA, cache-ewr18149-EWR
X-Timer: S1658625587.874763,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 7531 0
817 B 33ms
33ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffreefirebrr.online%2F&e=wqT_3QKpLvBMKRcAAAMA1gAFAQixvPKWBhCjkfuw3-WYgSEY0P-tlvrB0NFwKjYJVydnKO549D8R2oZ6j2048j8ZAAAAQDMz9z8h2oZ6j2048j8pVycJJNAxAAAAIIXrwT8wn57RDDiVHEDlHkhlUKGf6SRYwoCgAWAAaIz4Tnj82AWAAQGKAQNVU0SSAQEG9NsFmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvJD4ALllizqAhtodHRwczovL2ZyZWVmaXJlYnJyLm9ubGluZS_yAg0KBkhFSUdIVBIDMjUw8gIMCgVXSURUSBIDMzAw8gIhCgZMT0FERVISF3JlbmRlcl9wb3N0X2Fkc192MS5odG1s8gIXCgpJRlJBTUVfS0VZEgkyMzkzOTc5MjHyAr8VCgtQUkVfU0NSSVBUUxKvFTxzY3JpcHQ-KGZ1bmN0aW9uKCl7LyoKCiBDb3B5cmlnaHQgVGhlIENsb3N1cmUgTGlicmFyeSBBdXRob3JzLgogU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAKKi8KdmFyIGg9dGhpc3x8c2VsZjsvKgoKIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wCiovCnZhciBrPUFycmF5LnByb3RvdHlwZS5pbmRleE9mP2Z1bmN0aW9uKGEsYyl7cmV0dXJuIEFycmF5LnByb3RvdHlwZS5pbmRleE9mLmNhbGwoYSxjLHZvaWQgMCl9OmZ1bmN0aW9uKGEsYyl7aWYoInN0cmluZyI9PT10eXBlb2YgYSlyZXR1cm4ic3RyaW5nIiE9PXR5cGVvZiBjfHwxIT1jLmxlbmd0aD8tMTphLmluZGV4T2YoYywwKTtmb3IodmFyIGQ9MDtkPGEubGVuZ3RoO2QrKylpZihkIGluIGEmJmFbZF09PT1jKXJldHVybiBkO3JldHVybi0xfTtmdW5jdGlvbiBsKGEpe2xbIiAiXShhKTtyZXR1cm4gYX1sWyIgIl09ZnVuY3Rpb24oKXt9O2Z1bmN0aW9uIG4oYSl7YT12b2lkIDA9PT1hP2RvY3VtZW50OmE7cmV0dXJuIGEuY3JlYXRlRWxlbWVudCgiaW1nIil9O2Z1bmN0aW9uIHAoYSxjLGQpe2EuZ29vZ2xlX2ltYWdlX3JlcXVlc3RzfHwoYS5nb29nbGVfaW1hZ2VfcmVxdWVzdHM9W10pO3ZhciBiPW4oYS5kb2N1bWVudCk7aWYoZCl7dmFyIGU9ZnVuY3Rpb24oKXtpZihkKXt2YXIgZj1hLmdvb2dsZV9pbWFnZV9yZXF1ZXN0cyxnPWsoZixiKTswPD1nJiZBcnJheS5wcm90b3R5cGUuc3BsaWNlLmNhbGwoZixnLDEpfWIucmVtb3ZlRXZlbnRMaXN0ZW5lciYmYi5yZW1vdmVFdmVudExpc3RlbmVyKCJsb2FkIixlLCExKTtiLnJlbW92ZUV2ZW50TGlzdGVuZXImJmIucmVtb3ZlRXZlbnRMaXN0ZW5lcigiZXJyb3IiLGUsITEpfTtiLmFkZEV2ZW50TGlzdGVuZXImJmIuYWRkRXZlbnRMaXN0ZW5lcigibG9hZCIsZSwhMSk7Yi5hZGRFdmVudExpc3RlbmVyJiZiLmFkZEV2ZW50TGlzdGVuZXIoImVycm9yIixlLCExKX1iLnNyYz1jO2EuZ29vZ2xlX2ltYWdlX3JlcXVlc3RzLnB1c2goYil9O2Z1bmN0aW9uIHEoKXt2YXIgYT1kb2N1bWVudC5jdXJyZW50U2NyaXB0O3JldHVybihhPXZvaWQgMD09PWE_bnVsbDphKSYmIjc3Ij09PWEuZ2V0QXR0cmlidXRlKCJkYXRhLWpjIik_YTpkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCdbZGF0YS1qYz0iNzciXScpfTt2YXIgcj1SZWdFeHAoIl5odHRwcz86Ly8oXFx3fC0pK1xcLmNkblxcLmFtcHByb2plY3RcXC4obmV0fG9yZykoXFw_fC98JCkiKTsKZnVuY3Rpb24gdCgpe3ZhciBhPWg7dmFyIGM9W107dmFyIGQ9bnVsbDtkb3t2YXIgYj1hO3RyeXt2YXIgZTtpZihlPSEhYiYmbnVsbCE9Yi5sb2NhgVrwXi5ocmVmKWI6e3RyeXtsKGIuZm9vKTtlPSEwO2JyZWFrIGJ9Y2F0Y2gobSl7fWU9ITF9dmFyIGY9ZX1jYXRjaChtKXtmPSExfWlmKGYpe3ZhciBnPWIubG9jYXRpb24uAV4QO2Q9Yi5xm0EoEQxoLnJlZmVycmVyfHxudWxsfWVsc2UgZz1kLGQ9ARBUO2MucHVzaChuZXcgdShnfHwiIikpOwGoJGE9Yi5wYXJlbnQZhgBhBTR0fX13aGlsZShhJiZiIT1hKTtiPTA7Zm9yKGE9Yy5shcqYLTE7Yjw9YTsrK2IpY1tiXS5kZXB0aD1hLWI7Yj1oO2lmKGIubG9jBcABrhXMOGFuY2VzdG9yT3JpZ2luc24cAA1rAD0ddQApCYYMMTthPBGKTDsrK2EpZz1jW2FdLGcudXJsfHwoBQguQgE6dgAUW2EtCjFdIQwYLGcuaD0hMAHjKSIAaBmrIXcULCExKTtnJRYlAgRkPTIEAXgwPD1kOy0tZClpZihmPWNbZF0sIWcmJnIudGVzdChmAY8gKSYmKGc9ZiksBQ4sJiYhZi5oKXtiPWY7RRsAfQ1dAGQV5gQmJgHMATsIOzAhIfUhWggmJmQFSAEbCCk7YwWtHHYoYixnKTtyxXsYIGMuZz9jLgX6DDpjLmkBQAx9ZnVuqaEAdsm9IHRoaXMuaT1hOwUJCGc9YxkiAHUdIgh1cmwRJBBoPSEhYwkvBYglCgB92XQIdygpRbAkYT10KCksYz1hLu12PCgiPyIpO3NldFRpbWVvdXQuQAgYdmFyIGQ9dpE6GGQ_LjAxOmRBNUQhKE1hdGgucmFuZG9tKCk-ZCkJXwxiPXEoIaQAIh4bCWwiKyhiJiYidHJ1ZSI9PT1iLmdldEF0dHJpYnV0mWtsLXJjZCIpPyJwYWdlYWQyLmdvb2dsZXN5bmRpY0WbIC1jbi5jb20iOmYjAAUgDCkrIi8JRXwvZ2VuXzIwND9pZD1qY2EmamM9NzcmdmVyc2lvbj0iOwHcDGU9KGUBsQwpJiZlWpkADTEwIil8fCJ1bmtub3duImHjXCtlKyImc2FtcGxlPSIrZDtiPXdpbmRvdwVYAGY5NBRmPyExOmYhMzRlPWIubmF2aWdhdG9yKTIOAFAudXNlckFnZW50LGU9L0Nocm9tZS9JmyBlKSYmIS9FZGcZERw_ITA6ITE7ZWGTFVEwLnNlbmRCZWFjb24_Ch1pHRgkKGQpOnAoYixkLDXSCZ4QKX19LDBVoFwwPD1jP2Euc3Vic3RyaW5nKDAsYyk6YX0J4BAucmZsPVGvCCgpe03VgGVuY29kZVVSSUNvbXBvbmVudCh3KCkpfTt9KS5jYWxsKEHJFCk7CjwvcxanCmjyAskCCgpFWFRSQV9UQUdTEroCPGRpdiBzdHkhUgxwb3NpobFkOiBhYnNvbHV0ZTsgbGVmdDogMHB4OyB0b3ANCnB2aXNpYmlsaXR5OiBoaWRkZW47Ij48aW1nIHNyY1mHSRRKWQJBNg0eLjICFGF3YmlkJgUG8IZfYj1BS0FtZi1CemgtZ2tnc0FvUEg5b054aEF0dVF5UFptUkYxOGFFY2h1X19RbmhrV1NyUEZtM3JMQVVEbmw3TjdxYUI4RUI3UUdOUGQ5M3VDbkhWLXM0c3ZLUDlxVGkyQ0RCZyIgYm9yZGVyPTAgd2lkdGg9MSBoZWlnaHQ9MSBhbHQ9IiIxGnhkaXNwbGF5Om5vbmUiPjwvZGl2PvICmQEKDFBPU1RfHhEMCIgBPClqNggBaVlQYWRzLmcuZG91YmxlY2xpY2submV0MQY8eGJmZV9iYWNrZmlsbC5qcwFlCUsAPg1TAD6dJGAge3IzcHgoJzIzOTM5NzkyMScpO30pKCk7PeoQ9A8KEEgBnTRQT1JUX1BBUkFNUxLfD5EjipQA8H1hZGZldGNoP2Fkaz02MDcxNjI3ODQmYWRzYWZlPW1lZGl1bSZjbGllbnQ9Y2EtcHViLTMwNzY4OTAwMTI3NDE0NjcmZm9ybWF0PTMwMHgyNTBfYXMmaXA9MzEuMjA0LjE1MC4xMTQmb3V0cHV0PWh0bWwmdW52aWV3ZWRfcG9JiyBfc3RhcnQ9MSahdhG8BGZyQvoNFCZzdWJfYwmNAGJBkvB9ci02MjI4OTE5JmhsPW5sJmFjZWlkPU1KZmswd0Q1VlRRQlJsczBBUTVvTkFFUmRUUUJxSFUwQWNCMU5BSDdkelFCRlhnMEFjWjROQUdYZVRRQnlYbzBBZlI2TkFFSWV6UUJLM3MwQVZ4N05BRmZlelFCYzNzMEFZaDdOQUdTARAsbkhzMEFhVjdOQUd6ARAYdFhzMEFiWgEQADkBEPSlB3ozczBBVXR6UVFGTmMwRUJTT2oxQVlJZi1BR1pIbHdDM1QtcUFpZENxZ0lvUXFvQ0tVS3FBZzFHcWdMTllhb0N1R1dxQXBwNnFnS2JlcW9DNjRhcUFvMktxZ0tuaXFvQ09ZdXFBb0NicWdLQm02b0NncHVxQWsyZ3FnS2lxS29Dc2F1cUFyaXdxZ0xIdGFvQ3o4ZXFBa0RRcWdMYjFxb0NWZDZxQXNqaXFnTEU0Nm9Db09XcUF1YmxxZ0tJNktvQ2otaXFBdTNvcWdJNzZhb0NoLXlxQWs3eXFnTDI4cW9DRHZPcUFySHpxZ0w4ODZvQ2xfU3FBdlQxcWdKdS1Lb0NnX2lxQWlYN3FnSkItNm9DaVB1cUFrcjlxZ0xEX2FvQ0F3S3JBbUVDcXdLX0JLc0M5Z1dyQW5NR3F3TFNCNnNDUmdpckFtOEpxd0tOQ2FzQ1pReXJBczROcXdMVEVLc0NLUkdyQXNVVHF3S05GYXNDdkJhckFsQVhxd0pOR2FzQ0NCcXJBbk1hcXdLb0c2c0N2aHVyQXVrY3F3STZIcXNDWVI2ckFwQWVxd0toSDZzQ3N4LXJBdElmcXdLV0lLc0N3aUNyQWtJaHF3TGVJYXNDT3lLckFtMEd1UUxIczhVRllhb2REMEw5SXhETW9UVVJsNWY3RWdPcy14SWpyZnNTRjdiN0VsWEsteEp3elBzU21NMzdFcmJXLXhJWjh2c1N3UGo3RXZmNi14TEZfUHNTNWYzN0V2ai0teExvVzlBVHhGelFFNEl1UWhSYm4tb1VtYUxxRkxEMUF4WDNWbXNhV1FDU0tjbkx0UzZDOVFSWSZleGs9MjM5Mzk3OTIxJmF3YmlkX2M9QUtBbWYtREZPd3hFakZOd3JFUWZWNjFZMG5uT2xJWDBLS2pQSGtqVDNrR2JsLTZwaWtuLVEzUlYtV21YbHVNQXdvRXZhSTBka2pjTk9VQlBBUEp6ZmxkQjlrZXR2NjJuWnVXc0xwc2ljVmc4eWRpSGJhcVBLNlJwSU04UGxFU1NKZUFDUlVRNDhJajhQWHBCWTVoN2R2MExWeFZMUW9tSVN6N3gxRWhYeVZTUXE1d2pwMmZ4aXFBJmF3YmlkX2Q9QUtBbWYtQmNSVF9qLWtDUVg1YjBQT29hV3J4YjJfWnF2Yi02M2hwekZVbW5hclQ1UUN5SFhjbDdjaV9ETF9mN2pob2FLWHl6bWVDT29aTHp0eVZoeFY4WnEweDVhNldYS1pUcnhSd3BGTzh1cDhUU2h0aV9PV2F1ZllMSUo4eDZQUF9nX25sRk1YRVVGNjE0dDVUeWd1QjFoV3pvNWl6WjdLc0Q2N2ZPMm5KRUJvejhUOWJOT0JrQTJQWXpjNUJSa0lqWDQyYzY1VFl2WkRPYTBlcURYa0NMNE9Gc0g3R2VpVFpiVEVBOGVHV0tqU05rNjRWTXRRdlA4X3hDNWJZSW1CeHFldHp5M0F5RE9GQl9nS0FCY00tYzdMZlFIMVhGLXZXaF9rb2F4elR1WHZILWdaNWFxREVTQ1dGQmMzbFM2d0ZuM0ViSERBRWJfaV9MYktxZ1VYR0w0cWU2b1NvY2JvZWNYNWo2ZXpoOF9JV0xoSl9OR3BBQ1Y1Zkk4MEc4U3BUUjBoQmZGdmFMcExzeHV1SFJPb093YUhMMTE5dEJLSC1TV0RTdUVDQ0tTNkhQeDRJYTIwRmliVF9zVTFHcFFQWUNsN0FHdm9OUTRNVThrdmZIcXJfd1haeDk2ZXd1Qy1rdThudnJYNHB5LVFfb240ZmJlSGFOQ3VTQXZzTmx0RFo3VlhvVEJvQUtnSzdxYk9HcWtTdTlBaERUc2JxYWJBcC1iQVBUcDhrd0JCVUFNaTNrYXlCNmFsa0tfaTQxYXpCdmMxV25uajlKcnJzN2ozVm1NeXljM09JdDdVR1hmWU5aeUctVV8wdk13UFRXclBTWjhYT1NjVk9zMmdyaDYzQy1OWGpFVk5SYm1JUDJaUm4wY2JxaEs4YmNDNjVOckgtNUxZa1lsNUczc3lWUmdtMlBqY2pIdC1meWIwUXZRTWh2ZjJXUFk2Wm5iZWxtSWhtWXhnelAwaklsT0hTazYxUy1ZTEZrRk5zNDhOVk9ZLXpycURNJmNpZD1DQUFTQk9Sb0lJUSZhX2NpZD2AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTAuMTE0qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AShn-kkiAUBmAUAoAW41r7LjPbT6RHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWAzgP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG7o8B2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcMMTA0NjExMzI5MTExugcPCAAQABgAIAAwADjVFUAAyAf82AXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB-u3MIoIAhAAlQgAAIA_mAgB&s=af2bf3df6406b18164e1ecb3e75644cc1c4e4606&bdref=https%3A%2F%2Ffreefirebrr.online%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Ffreefirebrr.online%2F,https%3A%2F%2Ffreefirebrr.online%2F&

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 01:19:46 GMT
X-Proxy-Origin: 31.204.150.114; 31.204.150.114; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 362320e4-3ddd-4bbc-bfda-06717bd60dac
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 7531 0
842 B 34ms
33ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffreefirebrr.online%2F&e=wqT_3QKmBvBMJgMAAAMA1gAFAQixvPKWBhC-kpXvp8774QEY0P-tlvrB0NFwKjYJ1jpxOV6BBEARrywLBfA_AkAZAAAAgOtR4D8hrywLBfA_AkAp1joJJNAxAAAAIIXrsT8w6sLODDiVHEDlHkhlUK2iyyVYwoCgAWAAaIz4Tnj82AWAAQGKAQNVU0SSAQEG8GGYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8kPgAuWWLOoCG2h0dHBzOi8vZnJlZWZpcmVicnIub25saW5lL4ADAIgDAZADAJgDF6ADAaoD_gEK1AFodAkxcHBhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tDR5EL2dlbl8yMDQ_aWQ9YXdiaWQmBQb0gQFfYj1BS0FtZi1CM3F0cEx2THUtS28xMGUtWVFHd1pVd3YyVVZ1aEtXc0Zhd1ZvUDJabklJOHZyMTQ5WlY4Y0c0cFIwb18xWE9zWlNNOWQtMjZyY3hTWGs3aDFmSVgxT1B1ajFlT3VBZjE5akIzb3lNR1Q0dWk0M2prWSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhIxMjcyMDczOTAwMDIzNjY3ODIiCDc4ODI3ODIxKgQzOTQxOgEwwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUwLjExNKgEALIEEAgAEAEYygcg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEraLLJYgFAZgFAKAF3tn04PCip8wPwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFvOAb-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAlNoBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEzNjUyMjM1MjM3OboHDwgAASlEIAAwADjVFUAAyAf82AXSBw0JCUUAAAVHCNoHBgknaOAHAOoHAggA8AfrtzCKCAIQAJUIAACAP5gIAQ..&s=2f4c615d9c05e5154a7cfc3e0ab146856075426d&type=nv&nvt=5&jm=1003&px=415&py=125&bw=970&bh=250&sid=2006596241463028839&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26452330&sw=1600&sh=1200&pw=1600&ph=5730&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 01:19:46 GMT
X-Proxy-Origin: 31.204.150.114; 31.204.150.114; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6f9fbc28-2ed3-4a4d-b15c-43d50afd6ac3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://freefirebrr.online
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame 2EB0 72 KB
29 KB 81ms
80ms XHR
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23794fa5d23b33e8885de294abe3c68a262eb13ddf2f48456a94ff22bd2afc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 24 Jul 2022 01:19:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29568
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 687A 49 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b6426fd4497967f0b242654b64085722f1132745f6fb6b075ea58b58162a5ff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 687A 25 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7caca509e42e6620d4ca14e3162359383a89e9393a6356896a3de0f4850c278f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js Show response
pagead2.googlesyndication.com/bg/ Frame 687A 36 KB
14 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57a0eda24c0987d1608aac9d83b3be75b8e7879f588bdfe7e1a04c5b5b3d7e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 20:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 20:09:09 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 848C 0
745 B 33ms
32ms Script
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3605&pub_id=2166378&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3605&pub_id=2166378

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 01:19:46 GMT
X-Proxy-Origin: 31.204.150.114; 31.204.150.114; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9eaa6001-d3ec-438d-8b89-1af2a026c1b1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 2EB0 27 KB
10 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3d0340c3bfad8cbb5a5fd678d4764a09007adda01e47d03f13de6edfb0ea222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 00:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10526
x-xss-protection: 0
server: cafe
etag: 4815257668744283084
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 00:10:35 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 2EB0 3 KB
1 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 00:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1431
x-xss-protection: 0
server: cafe
etag: 17826921741551292351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 00:22:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2EB0 138 KB
42 KB 125ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Jul 2022 01:19:47 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 2EB0 25 KB
10 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b27f9125f79c1eda4376b75ce18306c6f6ebe8a6c1cc25974f18e31cb2b916f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:08:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 651
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9870
x-xss-protection: 0
server: cafe
etag: 6433572839926360673
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 01:08:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2EB0 0
0 43ms
42ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTjsUd6ZEtYwVXSypObE7xdERX85K4RDEn4227KJ8MfjS8RlZBgeTE8yEkaHUaR-9I_gh8flTS134_HfoWDMSq_sD2qcg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 2EB0 40 KB
15 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/one_click_handler_one_afma.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d73f42ddabf2b39fe73527c628bf1a8780b3d3a2041d2aaf19a1c5c901deadd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 19:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15671
x-xss-protection: 0
server: cafe
etag: 9869525680794477903
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Aug 2022 19:44:45 GMT

GET
H3 200 7064164217935770333
tpc.googlesyndication.com/simgad/ Frame 2EB0 147 KB
147 KB 53ms
52ms Image
image/gif 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7064164217935770333

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba0613c3a16b10662ea843e0b8d21bfa1fd880aa3ae78cd07a8acae5bf3f6419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:52:43 GMT
x-content-type-options: nosniff
age: 404824
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150524
x-xss-protection: 0
last-modified: Wed, 04 May 2022 13:47:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 19 Jul 2023 08:52:43 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2EB0 0
17 B 78ms
78ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPMIqMZ7cYo-kFtCIlgTCx6yYDe6Fk5hryO6Sx5sQv7vBuMEJEAEg5pfWJWCRhKCFjBigAeS8pOQCyAEDqQJcLBabbCKxPqgDAcgDyQSqBO4BT9BHWxlSPXHEXJxkMo8SuO57kq2eK6VRCbvcctW6Tm7mWfJhY9_GZDDCGUnJvGyi9qzHLTfD1I0fMn-YFLgY2jR6kuDDaPHAuLbL11cZKYBJqB6vkj3rjgnirTrJ__0lXdtiFJlalwg4ll8BCn8E8d2kVZtffT6h9PoLwJqFbwWvn9cRwIle7Kt6YpHpi9_YU2Uelje9Esv_FbAvlXXDCmJv8HXf-_1tKw9559VePt1Zl6M5fPLfxIEB42PwEwMJl31rv48hRPao7UhqX5RPZEucbV25rQI7kdfKiqdv9A5w5IG902lrm0-d5jlVG8AE-433yvwDkgUECAQYAZIFBAgFGASgBgOAB4TD25sBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHSCBEIgOGAEBABGAAyAqoCOgKAQPIIDmJpZGRlci02MjI4OTE5gAoEyAsB2BMN0BUBmBYBgBcBshcICgYIABIAGAA&sigh=pnqVnGdOlt0&uach_m=[UACH]&pr=10:2.563168&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 24 Jul 2022 01:19:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CD13 143 B
163 B 33ms
32ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 00:39:00 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CD13
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

69ms
69ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 01:19:47 GMT
expires: Sun, 24 Jul 2022 01:19:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 01:19:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2EB0 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddee42f0479e1ab0136eb77afab84d67793706e153ea0a22ae5ea76e1237d4f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 122ms
48ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220721&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bce77775d3374ceb5017c4b0d986be9c211ed72b8cbb808dd8aefadff19eb9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 01:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10931
x-xss-protection: 0

GET
H3 200 V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js Show response
pagead2.googlesyndication.com/bg/ Frame EEC8 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57a0eda24c0987d1608aac9d83b3be75b8e7879f588bdfe7e1a04c5b5b3d7e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 20:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 20:09:09 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Jul 2022 01:19:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D333 13 KB
5 KB 34ms
34ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freefirebrr.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 6610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 23:29:37 GMT
expires: Sun, 23 Jul 2023 23:29:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D0DF 783 B
537 B 52ms
52ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0102d369a68cf743090b6eb0daea1e689b1bb8d2ac08dd441ab34bb1bca455da

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-X6wTfQbm0xRDz-46ZVX5yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freefirebrr.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-X6wTfQbm0xRDz-46ZVX5yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 01:19:47 GMT
expires: Sun, 24 Jul 2022 01:19:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js Show response
pagead2.googlesyndication.com/bg/ Frame D333 36 KB
14 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57a0eda24c0987d1608aac9d83b3be75b8e7879f588bdfe7e1a04c5b5b3d7e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 20:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 20:09:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D0DF 0
0 71ms
71ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220721&jk=3879346333446959&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D333 0
9 B 33ms
33ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1JuFcg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 viewability Show response
intake.pbstck.com/v1/intake/ 0
223 B 101ms
64ms XHR
text/plain 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/viewability?sId=dd8810a6&tId=fdd32483-319f-4510-9d88-f3049072942c&c=1&ctr=NL
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 24 Jul 2022 01:19:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 72f8d4629fdd5c44-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F0BB 0
745 B 34ms
33ms Script
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=9027&pub_id=1885960&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=9027&pub_id=1885960

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 01:19:47 GMT
X-Proxy-Origin: 31.204.150.114; 31.204.150.114; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 14456274-96ed-4ecd-9d43-118d54d8d20b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 7531 0
842 B 33ms
33ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffreefirebrr.online%2F&e=wqT_3QKmBvBMJgMAAAMA1gAFAQixvPKWBhC-kpXvp8774QEY0P-tlvrB0NFwKjYJ1jpxOV6BBEARrywLBfA_AkAZAAAAgOtR4D8hrywLBfA_AkAp1joJJNAxAAAAIIXrsT8w6sLODDiVHEDlHkhlUK2iyyVYwoCgAWAAaIz4Tnj82AWAAQGKAQNVU0SSAQEG8GGYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8kPgAuWWLOoCG2h0dHBzOi8vZnJlZWZpcmVicnIub25saW5lL4ADAIgDAZADAJgDF6ADAaoD_gEK1AFodAkxcHBhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tDR5EL2dlbl8yMDQ_aWQ9YXdiaWQmBQb0gQFfYj1BS0FtZi1CM3F0cEx2THUtS28xMGUtWVFHd1pVd3YyVVZ1aEtXc0Zhd1ZvUDJabklJOHZyMTQ5WlY4Y0c0cFIwb18xWE9zWlNNOWQtMjZyY3hTWGs3aDFmSVgxT1B1ajFlT3VBZjE5akIzb3lNR1Q0dWk0M2prWSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhIxMjcyMDczOTAwMDIzNjY3ODIiCDc4ODI3ODIxKgQzOTQxOgEwwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUwLjExNKgEALIEEAgAEAEYygcg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEraLLJYgFAZgFAKAF3tn04PCip8wPwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFvOAb-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAlNoBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEzNjUyMjM1MjM3OboHDwgAASlEIAAwADjVFUAAyAf82AXSBw0JCUUAAAVHCNoHBgknaOAHAOoHAggA8AfrtzCKCAIQAJUIAACAP5gIAQ..&s=2f4c615d9c05e5154a7cfc3e0ab146856075426d&type=pv&jm=1003&px=415&py=125&bw=970&bh=250&sf=1&sid=2006596241463028839&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26452330&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 01:19:47 GMT
X-Proxy-Origin: 31.204.150.114; 31.204.150.114; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 385d1a4f-87e3-49fa-a897-67c610335bfe
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://freefirebrr.online
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 848C 0
745 B 33ms
33ms Script
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3605&pub_id=2166378&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3605&pub_id=2166378

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 01:19:47 GMT
X-Proxy-Origin: 31.204.150.114; 31.204.150.114; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f6543246-8a29-4be2-a43e-f4a5b6543e8f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
75ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220721&jk=3879346333446959&bg=!JCelJ2PNAAacadVKvGk7ACkAdvg8WlmJqttyAqcZPWkLrh8jsU1P8rNnM-GKvBQGabPrrsqzMGeCDQIAAABIUgAAAAZoAQcKAEPVGFx6BPhy7MTbrx4nP47GgqUoHe2S8euaojCty5PYP-zxxjpP6jqAJKQxwHkIZwlQ-hdtxTBAYrKUfCHjGOaHouvYmQKduZwSGB9hOeqgKA2QTyfo6r1T9yXupILaxQG1cHYU2KkwCQKBwBnMJof_AeSbMS4YLnH3KdPdNz-mk6rXVgeWro1hISTjNMvG82NhFnboQs1lrnRhfIkNTPFNhvKeFclC5uQg8ourGvagP5YxnimGvq5AG9Kze3yseuRg9Wa0hno8vnxqUmtjL4psooSPYehZS6Ps-1hl4L28xrKIEDy-rFhurZn3rPbdkIawVkrKI1RvuQnj9LndDHwyb9XghZVtSvmrchWti9VT234oYxjt-dbEj2-APrfd2sfLNoup3SWIaAZnvq_qX5qMWOxElcqxLEN3CaWQStE3wcUedP-G8Eu9YHwDgri2PxsOuC3ck2OhLkOgtkPLcm2fZyYckq4aB2uSi2KaVYKB_Fp9J_vliaB1lDpSUz84F0Kw5paah1n7W2ecSoz-gZdDBxaeOx5niU7iBm31clb8acf_Y9q4b9H6Y3-EsniqQ_DCEUHnusbDmGRg5br9yfKwntuHXkEnPTet7JWx7EntELqbZtFG13kXsY3wBoWU9_v5FtU6kNLX-Tf7bGmJooMYR_H-NKb5LO9z5Oy5bnaE483F1G_E69AJuVI2SF8CG9BAwMjQ5QDDGHY3b2_h98Z95rxDXCirB-baBcp5xlqa6xkZXlD01cF0fY7EXiXix8iDjDn95v3r2koS01CxyRH4_S7sjMhMTo6wPrhIxhJ1sZ4L8CefIrFIcFBbG0uW7l_SWZeLsaeAHTSCtaYdQHzuSuB8sZeb_hzZJQ4Giz-Q7vGSk_mnVWxkk1TQZ8gBsScu9WBlpLegyPhROsuU45w16IDFUH1p0CuPx3fabryRYZ4uBeBKyGpfURTNWO3L3lAbAi195eZmeBXCg6NWJCFnucZD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2EB0 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstg3Qfisb3fPua6Wq_uRBGICgtGV7tlaFsuqmC05nUhHfqnIAMR7WW600M8HiUBhnyUBbxkPQErDHcN8Lrms-1ZYy0V4jhz4wEao_yz9RTJrJ61i0IwCY0d3qboGZyC3DUmeOQjzZLXtNeP&sig=Cg0ArKJSzERJBEl4OTqqEAE&cid=CAASF-Ro6UPgBsBx-jQ45i-TiVmbqEDvyi1D&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2464281661&rs=5&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658625586819&rpt=346&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 01:19:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 115B 6 KB
2 KB 54ms
46ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 662817e21330cbf78ce4c0f606a0989b107d3dc4cf55849b6065ad9ee5096d66

Request headers

Referer: https://freefirebrr.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72f8d46b8a82b975-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 01:19:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 0A7E 0
0 34ms
33ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1658625585272

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://freefirebrr.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 0424 37 B
140 B 102ms
33ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://freefirebrr.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sun, 24 Jul 2022 01:19:49 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C021 52 KB
17 KB 100ms
99ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://freefirebrr.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 72637
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 24 Jul 2022 01:19:49 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 20 Jul 2022 05:09:06 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 194611
X-Served-By: cache-lga13622-LGA, cache-ewr18149-EWR
X-Timer: S1658625589.077592,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 3856 281 B
554 B 108ms
33ms Document
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build_noconsent/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://freefirebrr.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 24 Jul 2022 01:19:49 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK prebid
b1h.zemanta.com/usersync/ 26 B
127 B 104ms
102ms Image
image/gif 64.202.112.127
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1h.zemanta.com/usersync/prebid
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freefirebrr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 01:19:49 GMT
Content-Length: 26
Content-Type: image/gif

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 115B 48 KB
12 KB 48ms
39ms Script
application/javascript 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 212309
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"607873db-c1ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 72f8d46beae6b975-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3856 31 KB
10 KB 33ms
33ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 5ed3b1a45272c6219956f399c6a4985142fa27446d7c9a75f91d7591960607bc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 01:19:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=20949
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9450
Expires: Sun, 24 Jul 2022 07:08:58 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C021 0
745 B 33ms
32ms Script
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 01:19:49 GMT
X-Proxy-Origin: 31.204.150.114; 31.204.150.114; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: dd1def8c-99ed-41ef-a02c-04e6987d231e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame A455 0
320 B 51ms
50ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72f8d46c5b5bb975-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 01:19:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

GET
H2

200

e2764d2fb838dc7fbb041d978d927e8 Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 56DD
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/e2764d2fb838dc7fbb041d978d927e8

0
705 B

49ms
49ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/e2764d2fb838dc7fbb041d978d927e8
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72f8d46e8d81b975-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 01:19:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Sun, 24 Jul 2022 01:19:49 GMT
Expires: Sun, 24 Jul 2022 01:19:49 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/e2764d2fb838dc7fbb041d978d927e8
Pragma: no-cache
Server: nginx
x-sticky-vk: 1658625589259031-510

GET
H2

200

tvxKkEpvfTmBrlJmdO1S Show response
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 54F3
Redirect Chain

https://creativecdn.com/cm-notify?pi=smilewanted
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/tvxKkEpvfTmBrlJmdO1S?pi=smilewanted&tc=1

0
381 B

52ms
52ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/tvxKkEpvfTmBrlJmdO1S?pi=smilewanted&tc=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72f8d46d7c7ab975-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 01:19:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Sun, 24 Jul 2022 01:19:49 GMT Sun, 24 Jul 2022 01:19:49 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/tvxKkEpvfTmBrlJmdO1S?pi=smilewanted&tc=1
pragma: no-cache

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/prebid/ Frame 6C2D
Redirect Chain

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=f5bed38c8d8c8a705adb55381c32580e

43 B
1 KB

34ms
33ms

Document
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=f5bed38c8d8c8a705adb55381c32580e

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

AN-X-Request-Uuid: a4b87e2f-cc77-4ac4-b338-69418309acf1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 24 Jul 2022 01:19:49 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 31.204.150.114; 31.204.150.114; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72f8d46cfbf8b975-AMS
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 01:19:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=f5bed38c8d8c8a705adb55381c32580e
server: cloudflare

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3856
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OSq9zBEiSaaVyeFdZV8WNw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=OSq9zBEiSaaVyeFdZV8WNw

43 B
556 B

47ms
46ms

Image
image/gif

52.95.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=OSq9zBEiSaaVyeFdZV8WNw

Protocol

HTTP/1.1

Server

52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 01:19:49 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: N5X1MWSTSEY7KYD34HMS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=OSq9zBEiSaaVyeFdZV8WNw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3856
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Q5XfbWOaS0iwLEu0DDz70Q&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Q5XfbWOaS0iwLEu0DDz70Q

43 B
556 B

109ms
109ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Q5XfbWOaS0iwLEu0DDz70Q

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 01:19:49 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: H2GB1M3003AEP74YYFWY
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Q5XfbWOaS0iwLEu0DDz70Q
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 3856
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5YMUKSX-4-FQXG&sigv=1&esig=2~5d1e3cda90656396e62618c8664f71bc57563a3d

0
194 B

233ms
33ms

Image
text/plain

2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5YMUKSX-4-FQXG&sigv=1&esig=2~5d1e3cda90656396e62618c8664f71bc57563a3d

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:49 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5YMUKSX-4-FQXG&sigv=1&esig=2~5d1e3cda90656396e62618c8664f71bc57563a3d
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 3856
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEqzsU8CKw3n9ib_CLmp0D0&google_cver=1

0
239 B

161ms
36ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEqzsU8CKw3n9ib_CLmp0D0&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 24 Jul 2022 01:19:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEqzsU8CKw3n9ib_CLmp0D0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3856
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVZTVVLU1gtNC1GUVhH

170 B
188 B

46ms
45ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVZTVVLU1gtNC1GUVhH

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 01:19:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVZTVVLU1gtNC1GUVhH
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3856
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzMyOTdhZjY0MDRiYjdjZDE2ZWMzMTliMWI4OWY4NmViOGI3YzA5OA

170 B
188 B

45ms
44ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzMyOTdhZjY0MDRiYjdjZDE2ZWMzMTliMWI4OWY4NmViOGI3YzA5OA

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 01:19:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzMyOTdhZjY0MDRiYjdjZDE2ZWMzMTliMWI4OWY4NmViOGI3YzA5OA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 3856
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5YMUKSX-4-FQXG

0
707 B

389ms
200ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5YMUKSX-4-FQXG
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:48 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D4C4E31AB15A43A5A7997CC1D52E8F97 Ref B: AMSEDGE1015 Ref C: 2022-07-24T01:19:49Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXkgt0XL+MJQ55kbD35Cw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5YMUKSX-4-FQXG
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 3856
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/nLSK11Iu-NExjBA_6Rvvfg?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=518629457358729381

0
239 B

34ms
34ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=518629457358729381
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

date: Sun, 24 Jul 2022 01:19:49 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=518629457358729381
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 3356 1 KB
897 B 133ms
52ms Document
text/html 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 72f8d46dca9c8fe0-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 01:19:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare

GET
H2

200

/ Show response
csync.smilewanted.com/set_partner_userid_get/smart/ Frame 0631
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
https://csync.smilewanted.com/set_partner_userid_get/smart/

0
81 B

47ms
46ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/smart/
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72f8d46dcce1b975-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 01:19:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-length: 0
date: Sun, 24 Jul 2022 01:19:48 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/smart/

GET
H2

200

cf199b4a-6287-4677-9cf8-cbad7c04bbd8&partner_id=1010 Show response
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 4646
Redirect Chain

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
https://csync.smilewanted.com/set_partner_userid_get/improve/cf199b4a-6287-4677-9cf8-cbad7c04bbd8&partner_id=1010

0
446 B

48ms
47ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/improve/cf199b4a-6287-4677-9cf8-cbad7c04bbd8&partner_id=1010
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72f8d46e7d70b975-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 01:19:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Sun, 24 Jul 2022 01:19:49 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/improve/cf199b4a-6287-4677-9cf8-cbad7c04bbd8&partner_id=1010
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame B80F 0
0 66ms
34ms Document
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
Expires: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 704c1e4d3fcc922a3031d436b584678b

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame 8040 0
0 57ms
48ms Document
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cdn.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 72f8d46e4af38fe0-FRA
date: Sun, 24 Jul 2022 01:19:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1D7E 15 KB
6 KB 365ms
36ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=50005
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 01:19:49 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sun, 24 Jul 2022 15:13:14 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2

200

YtyeNa9cwliSOL0y7s8kFQAA%265157 Show response
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame 69C3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtyeNa9cwliSOL0y7s8kFQAA%265157

0
509 B

57ms
57ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtyeNa9cwliSOL0y7s8kFQAA%265157
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72f8d4701ef0b975-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 01:19:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 72f8d46fcff2b932-AMS
content-length: 0
date: Sun, 24 Jul 2022 01:19:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtyeNa9cwliSOL0y7s8kFQAA%265157
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I08%2Bq7DtQ8sB97IQ8dwQmkZJEZpslPsiDmvpt5N6ZKSpFMcW5BnhZsHKfewB4wdG3YcJsmLRNoihvwDwcqwB%2Fn4aVkv%2FOr81XRXUXvN6bD99oiD1SmN5wQCVmTnOg%2FzxvwUZhnxU28xS%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

b6735211-0aee-11ed-b3ea-156973b60206 Show response
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 9F32
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=b6735260-0aee-11ed-b3ea-156973b60206
https://csync.smilewanted.com/set_partner_userid_get/spotx/b6735211-0aee-11ed-b3ea-156973b60206

0
599 B

49ms
48ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/spotx/b6735211-0aee-11ed-b3ea-156973b60206
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72f8d476cda9b975-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 01:19:50 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Sun, 24 Jul 2022 01:19:50 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/spotx/b6735211-0aee-11ed-b3ea-156973b60206
Server: nginx
X-fe: 6

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1D7E 0
42 B 505ms
26ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86104293&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:19:50 GMT
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C021 0
745 B 33ms
33ms Script
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 01:19:50 GMT
X-Proxy-Origin: 31.204.150.114; 31.204.150.114; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8bb71a90-cbbd-41f6-bef1-7c6d0753500b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 auction Show response
intake.pbstck.com/v1/intake/ 0
187 B 65ms
65ms XHR
text/plain 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/auction?sId=dd8810a6&tId=fdd32483-319f-4510-9d88-f3049072942c&c=4&ctr=NL
Requested by: Host: freefirebrr.online
URL: https://freefirebrr.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freefirebrr.online/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 24 Jul 2022 01:19:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 72f8d47b6a065c44-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: freefirebrr.online
URL: http://freefirebrr.online/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1

Domain: s2.glbimg.com
URL: https://s2.glbimg.com/ajOh0BpBKUQ1dt2Cyeb0ZHqn-SE=/0x0:1365x768/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_bc8228b6673f488aa253bbcb03c80ec5/internal_photos/bs/2022/d/X/fLey75T72smjgiNYmSig/tubarao.png

Domain: kvt.sddan.com
URL: https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Ffreefirebrr.online%2F

Verdicts & Comments Add Verdict or Comment

227 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
freefirebrr.online/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6m9icotdc682np5tas0euc6bhq
freefirebrr.online/	1970-01-20 05:26:57	Name: _pbjs_userid_consent_data Value: 3524755945110770
.freefirebrr.online/	1970-01-20 05:24:04	Name: sharedid Value: 289a4f7d-31c2-4834-8439-feb74b83fdd1
.zeotap.com/	1970-01-20 13:29:21	Name: zc Value: 1d33528d-f855-413c-4a65-653aee91ed25
.zeotap.com/	1970-01-20 04:45:11	Name: zsc Value: CeD%97Y%F6%22~~%7Ft%B9%B9%87Bm%22%C4%DB%E7%40.%2F%B0l%F4%D9%89%A4%E7%C8%24%B6%9B%9C%08%5D%AC%E5U%06%F4%01f%24%3C%D9%5B%F4%7B%92%D2%A0%03+U%FA%5B%3Fu%B3%CF%FA%E8%40p%9D5%E5%EA%09o%E3%E7%B1D%FAwE%5B%94%D5%CE%5DW%18H2%C9%02e%0C%9A%0A6%3A%F8%B8%C3%DA
.freefirebrr.online/	1970-01-20 14:05:21	Name: __gads Value: ID=563dc5eee5cd3ad7-225558b6d9cd007b:T=1658625585:RT=1658625585:S=ALNI_MaBlFYtyBrENnq5ORCRZqrehQis8A
.id5-sync.com/	1970-01-20 04:43:45	Name: cf Value:
.id5-sync.com/	1970-01-20 04:43:45	Name: cip Value:
.id5-sync.com/	1970-01-20 04:43:45	Name: cnac Value:
.id5-sync.com/	1970-01-20 04:43:45	Name: car Value:
.id5-sync.com/	1970-01-20 04:43:45	Name: gdpr Value:
.id5-sync.com/	1970-01-20 04:43:45	Name: callback Value:
.adnxs.com/	1970-01-20 06:53:21	Name: uuid2 Value: 8116403588374953936
.doubleclick.net/	1970-01-20 14:05:21	Name: IDE Value: AHWqTUktsbzjvqp2ax9MClb2fLwP32mM0VjkeW7UJdiolobtfld0J8m-5RqGxpnzltU
.agkn.com/	1970-01-20 13:29:21	Name: ab Value: 0001%3ActF4d%2F9RPbMbEgwzlCUknZ16cFA%2Fl0tw
.demdex.net/	1970-01-20 09:02:57	Name: demdex Value: 77240531179308488102004556006429375656
.prebid.a-mo.net/	1970-01-20 13:29:21	Name: __amc Value: 1_1658625585_1658625585
.quantserve.com/	1970-01-20 14:13:59	Name: mc Value: 62dc9e31-4ec24-7d611-5c04b
.freefirebrr.online/	1970-01-20 14:08:14	Name: __qca Value: P0-1489012500-1658625585095
.dpm.demdex.net/	1970-01-20 09:02:57	Name: dpm Value: 77240531179308488102004556006429375656
.cpx.to/	1970-01-20 13:29:21	Name: cpSess Value: 468fe3cc8c77130f
.freefirebrr.online/	1970-01-20 14:05:21	Name: cto_bundle Value: o8PL7l9MMnM4JTJGVEpqelg1enV6YlJDNk1MZHdVeVlmQWFVNmJ3aXRTcURabWNQOSUyRnlQQzJxZmlGQ2QwaHE3NFFENGJtSW0wRGZORmhNcDNOdldTZjV6YUkxYmxFNmlQUWpXaDlkTVJBYXNmb29iZG12bkFvWko3JTJCRTExd0VDU1o4b2lZMQ
.freefirebrr.online/	1970-01-20 14:05:21	Name: cto_bidid Value: O4CnIl9KOGVjWWxONmxIUlJoV3pTZGw0dzVBZm85czNLSHZmQ1UyUGtEYnRvR1lDNzEzbVdadVpEJTJCQmlaQmN1Tjk0U1dlNGpHJTJCY1dlMlV4amFqaVlXcnB4UnclM0QlM0Q
.adnxs.com/	1970-01-20 06:53:21	Name: icu Value: ChkI6pyEARAKGAEgASgBMLG88pYGOAFAAUgBELG88pYGGAA.
.cpx.to/	1970-01-20 13:29:21	Name: dsp_app_nexus Value: 8116403588374953936#1658625585541
.cpx.to/	1970-01-20 13:29:21	Name: dsp_dbm Value: CAESENtPuKn6prtBwIynPtP6eIo#1658625585585
.smartadserver.com/	1970-01-20 13:29:21	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 13:29:21	Name: pbw Value: %24b%3d16100%3b%24o%3d11100
.smartadserver.com/	1970-01-20 13:29:21	Name: pid Value: 4448964680182640545
.rubiconproject.com/	1970-01-20 13:29:21	Name: khaos Value: L5YMUKSX-4-FQXG
.rubiconproject.com/	1970-01-20 13:29:21	Name: audit Value: 1\|hLZGFuTafB1Exxr5yTK8O+fhqFI7AU9U903mtsHdljDp+RyhxjRLB1T06BjDL4yABIm2vO3goYyZMtfxBwgYdroCQT0/qtJWpVr6/NAT2SnQD5U7tEfUTQ==
.doubleclick.net/	1970-01-20 04:43:49	Name: DSID Value: NO_DATA
.creativecdn.com/	1970-01-20 13:29:21	Name: u Value: tvxKkEpvfTmBrlJmdO1S
.creativecdn.com/	1970-01-20 13:29:21	Name: ts Value: 1658625589
.adnxs.com/	1970-01-20 06:53:21	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2In<f06ss!]tbP6j2F-.aE@%O4WYq=0QT>18k+x/5#1HPdN$F=K>Ck=QPOz'%U`4=N%_R#m-ou4q^7bXstGt!@Fs%*TZsn
.adnxs.com/	1970-01-20 06:53:21	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiJmNWJlZDM4YzhkOGM4YTcwNWFkYjU1MzgxYzMyNTgwZSIsImV4cGlyZXMiOiIyMDIyLTEwLTIyVDAxOjE5OjQ5WiJ9fSwiYmlydGhkYXkiOiIyMDIyLTA3LTI0VDAxOjE5OjQ5WiJ9
.360yield.com/	1970-01-20 06:53:21	Name: tuuid Value: cf199b4a-6287-4677-9cf8-cbad7c04bbd8
.360yield.com/	1970-01-20 06:53:21	Name: tuuid_lu Value: 1658625589
ads.stickyadstv.com/	1970-01-20 05:26:57	Name: UID Value: e2764d2fb838dc7fbb041d978d927e8
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 358fd8a1219c94d82eb15d78e616ce
.amazon-adsystem.com/	1970-01-22 02:12:33	Name: ad-privacy Value: 0
.casalemedia.com/	1970-01-20 13:29:21	Name: CMID Value: YtyeNa9cwliSOL0y7s8kFQAA
.casalemedia.com/	1970-01-20 06:53:21	Name: CMPS Value: 5157
.casalemedia.com/	1970-01-20 06:53:21	Name: CMPRO Value: 5157
.yahoo.com/	1970-01-20 13:29:43	Name: A3 Value: d=AQABBDWe3GICEGw5wR4EGaAonNj5Ttau52oFEgEBAQHv3WLmYgAAAAAA_eMAAA&S=AQAAAv8eA2ELRJx9KFdIrliOMz0
.casalemedia.com/	1970-01-20 06:53:21	Name: CMTS Value: 1213
.spotxchange.com/	1970-01-20 05:24:04	Name: audience Value: b6735211-0aee-11ed-b3ea-156973b60206
.amazon-adsystem.com/	1970-01-20 10:45:11	Name: ad-id Value: A3tZUjaGmEOrjjQHM4aOEtM
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 22:15:39	Name: bcookie Value: "v=2&304429c2-fcb7-4b5f-8882-95e644f3941a"
.linkedin.com/	1970-01-20 22:05:31	Name: li_gc Value: MTswOzE2NTg2MjU1ODk7MjswMjH+WJgwEwVuI2v94HRAZu1C49O1IWMw89YA3RP2GDaOXA==
.linkedin.com/	1970-01-20 04:45:11	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2710:u=1:x=1:i=1658625589:t=1658711989:v=2:sig=AQFs3rLxMTx1i3lDuKjvRWLcuZKhJcQo"
.ads.pubmatic.com/	1970-01-20 04:45:11	Name: KCCH Value: YES
.smilewanted.com/	1970-01-20 13:29:42	Name: sw_user_params_infos Value: T62lQ9wmNuc0sYm2a9Th6g7RI03C9p3k8b7HtOJ0H1QEu7iKo9VWOXn5lOoDByMFV6IhnZlHmLFbmWPoIAGwjJLSHDihLvR%2BDNsKIurRgy9oJBOFVpa82n0l%2BH11CQ%2F33C8dtdU3DLuO4fOB00hjmJKN4QxTbFaeY5z08thQoW4aQQj1yF%2FTAfDwx6WqQtJPvDe1hTuvWH9RropwhlYfKCU0GJF4ora6bLM%2BqvYOQCGq913YmuxNoZH%2BKXMT8Ub7c1eR8KBfQz1sRs8c53hyCZQgeUKFdLtaCaMKX4WmmsEd9h5mfiwLKNZVKhX1P9BLtn8bUZBwnif4tHA4WYHPUthZJGN%2BJ7APjbVAdGlNT%2FB9cyAcqMfat4vQMnPcSV6qg8HDbvMdg5QxDD2DrS%2BrvAn%2FICUSlSzgwm6lcUyT2Gg%3D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://freefirebrr.online/(Line 45) Message: Mixed Content: The page at 'https://freefirebrr.online/' was loaded over HTTPS, but requested an insecure script 'http://freefirebrr.online/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1'. This request has been blocked; the content must be served over HTTPS.
javascript	error	URL: https://freefirebrr.online/ Message: Access to XMLHttpRequest at 'https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Ffreefirebrr.online%2F' from origin 'https://freefirebrr.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Ffreefirebrr.online%2F Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad.360yield.com
ads.pubmatic.com
ads.stickyadstv.com
ads.themoneytizer.com
ads.yahoo.com
adservice.google.com
adservice.google.nl
adtrack.adleadevent.com
ajax.googleapis.com
b1h.zemanta.com
boot.pbstck.com
btlr.sharethrough.com
c.tmyzer.com
cdn.adnxs.com
cdn.connectad.io
cdn.pbstck.com
ced.sascdn.com
cm.g.doubleclick.net
creativecdn.com
csync.smilewanted.com
d2zur9cc2gf1tx.cloudfront.net
dpm.demdex.net
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
freefirebrr.online
googleads.g.doubleclick.net
gum.criteo.com
i.clean.gg
ib.adnxs.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
intake.pbstck.com
kvt.sddan.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
partner.googleadservices.com
pbjs.e-planning.net
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.smilewanted.com
px.ads.linkedin.com
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
s2.glbimg.com
secure.adnxs.com
secure.quantserve.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.smilewanted.com
sync-eu.connectad.io
sync.search.spotxchange.com
sync.smartadserver.com
tag.leadplace.fr
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
ww1097.smartadserver.com
www.google.com
www.googletagservices.com
freefirebrr.online
kvt.sddan.com
s2.glbimg.com
104.18.18.126
104.90.104.226
104.92.74.8
108.156.253.167
141.95.98.67
145.239.192.166
147.75.85.234
15.197.193.217
151.101.193.108
172.217.16.130
172.217.16.194
172.67.10.198
178.250.0.157
18.156.126.13
18.200.85.0
185.184.8.90
185.64.189.110
185.86.137.110
185.86.137.17
185.94.180.125
186.192.91.9
198.47.127.19
2.16.238.158
2.16.91.19
23.35.236.201
2600:9000:223c:1c00:6:44e3:f8c0:93a1
2602:803:c004:200::141
2606:4700:10::6816:15d
2606:4700:10::6816:1857
2606:4700:10::6816:37ce
2606:4700:10::ac43:1997
2606:4700::6812:372
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1288:80:807::1
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2001
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
2a02:2638::1c
2a02:6ea0:c700::11
2a05:d018:d29:3601:8fa7:badd:b745:6d42
2a06:98c1:3121::3
34.249.212.46
34.95.69.49
35.158.200.114
37.252.172.250
37.252.173.215
37.252.173.22
46.249.52.249
51.89.9.252
52.211.1.14
52.46.128.147
52.49.3.229
52.59.116.64
52.95.122.74
54.154.103.240
54.217.253.87
54.38.64.100
64.202.112.127
69.173.144.138
69.173.144.165
76.223.111.18
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0102d369a68cf743090b6eb0daea1e689b1bb8d2ac08dd441ab34bb1bca455da
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
047bb3d603b0eab19f5ee24f9e6881bde68096e69d460d73c3ec20e57c92a502
04a8bde8aeb87047442e029f58cfefa6d7361144fa414fde3b4a92a0b092abb6
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05fdf9059f82368fa058a4fed88c9b56263934d770af68ea301f57f80be88ca6
08173c62120e1302754444b698be7cac02ecdac1975d1e52f2b2febe1bee48ae
0891804a56327bacae315d5e5281bee36c729cabfe22697a28083eeb39eb8608
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bce77775d3374ceb5017c4b0d986be9c211ed72b8cbb808dd8aefadff19eb9b
13c3a168e07c10ca3db80605cdf6f5195507de06b7b5d3ca79f1e4b3f6e00433
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a1e3f7ccd4e21ad5a3d91c433f6f185a1f6d4ac72080611a1acb1f15ed904a8
1b71847575859881bb8360cdb94db69b2992aefaf90465c93ca3077522df5f0a
23794fa5d23b33e8885de294abe3c68a262eb13ddf2f48456a94ff22bd2afc34
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
28b96f7dd5b99169b94e02f2abdcf2a2b2d5120894ed9dba434624901f0190ae
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
34934dc0d2652647955344d4d53218860096f14217c81c1eb5b02e54526835b6
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
43a24608e742c8adc12bc142cdbe6c8838100b1b507e954ab9965c8059896cf7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44ce5487a962cfa990086c2190a76e047feb5cc24d164e9284dcaace3536d531
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
488397c1e6080e41814b64cd43191ddc630a928a8aa95349bfa77d76bd1a80b9
4a78813d190e76860b247c13b0ebb23adc9049726bf5e5396226450d2f310e43
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d73f42ddabf2b39fe73527c628bf1a8780b3d3a2041d2aaf19a1c5c901deadd
51aa3bd58a097a9428304f72705e1c77721b19ca3d69eec0e75a59203bcd421d
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f
52e68328b9a11982d5fbe1833d8e370288db11b2f9ecd346abb00c4c61461cf2
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57a0eda24c0987d1608aac9d83b3be75b8e7879f588bdfe7e1a04c5b5b3d7e4f
5823ad379ac31bec94820bf2337edad22ed3b2432cc09b2d3a7864dbe0334f38
5b946c77e4b95c4567745f802028bf2792b1e9cd070a773864036bbdbe6bf178
5cf0d589127ea8b98dac129f74506b8a199d7b613cab0cf586ae95ee69428a4b
5ed3b1a45272c6219956f399c6a4985142fa27446d7c9a75f91d7591960607bc
5f86fbe6f9cda69add588670bf8a9781f83e7ed2fe7b1b07c4172fa6eb080bc9
6157091b5d9a3b227b6f7fdc7f3efd9d5e3837ea3847669cbf4140d12c1a715b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633c4d068a2439e7892410fade3e249dc130ff7b7147830640e350044fd5e3b8
638b6851aa89d856a997b5e96feef9e3529f109a761d27e2b07c8bb34ad59183
649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd
662817e21330cbf78ce4c0f606a0989b107d3dc4cf55849b6065ad9ee5096d66
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6c5b46d906c5852a2dca2c903e2f23ef5182a348c63539ee0cdd12a58b7cfa20
6dca9188a971c213f08d68e2e7928c366cf617c119c898a806d5003514f148bb
7854b91ba90be95df0d270b1d84aaf2fb2bd73bdfb27df6d65c7ae1fc57e5a90
7b8a15c8dbcc2b6f28bdb7ee4f2ea188329db594f56ba89bab81894a2878418c
7caca509e42e6620d4ca14e3162359383a89e9393a6356896a3de0f4850c278f
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
817dcbe2aa92a904d48ef231f3391ae34c65427c74cfd4678fafcfb63608ee54
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
86a52b768e84fafc11bf154a9e66dbeee54c99a138c8e06b570d9d75a1f370b6
89ba0e7994aba0b9d30a3f033748d2b023dde8b643904a31e6d7207a29c4b0dd
8b6426fd4497967f0b242654b64085722f1132745f6fb6b075ea58b58162a5ff
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
99783840423ad21745b31d030e560320f8bafbe2b00ba77d03e0078f2e0fe6b7
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649
9b27f9125f79c1eda4376b75ce18306c6f6ebe8a6c1cc25974f18e31cb2b916f
9bad6f634a9a79433089a3c89db786eaac96bb12406ea9251b44c7a7dcadfb80
9d9be2900172c550297edc82e19f4fb18c0d07494db5e3ce8ddf1a1589012e7d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7cd79a2c9cc563b31930c0a46ad4b385f5aca42d750ef422d0a5e14f7137654
a98f9d353eb3c3c6f19d1b7f223bd91f1b3ea946c7d65e43eb34536f81339246
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b06107002a7e2d18582fcec3bccb39f46a316c26093769260e14e17a4dfbf39e
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b8f76f98505a3d8a161055f180c9f0302ffe29f66037aff8f1c3f600d17b5bb7
ba0613c3a16b10662ea843e0b8d21bfa1fd880aa3ae78cd07a8acae5bf3f6419
bb074470335c51ce340226d0cd210450874e73fe2ab2ea1577f97cda61018742
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bf6aaa53ea17568c5f17a3b7bfe041de14b65821fff0c5e0a3f01372f9ebe4ff
c0a6f6976e174cf00cd9d1c8eec636cb25047d153e934ba08106d64e481b9eee
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c66b6c520bc8f03c7641867eb6bdd5e8bcfc30d04499d46797d94ce98fc5799b
cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0
d46f8343e38c8581a94f8b9cc4566db275821d312299fe6105daf70a76cf3b93
d48411f06ef7e08ec3fe3cb40ad62db57ff6e67d649cf1965b12aa57e159fcab
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d814270b526e641371aa0a33d22b2ea535648c97976657a6259ebc7745747fd2
d8980c287f7b57728b971ff9843ac168875b5aca70740829f95be4021e7d3380
dafa3ce4de4cc56876b0fc6c36628fbcade9f4b07d7f27e4ca67744d91b2beb7
ddee42f0479e1ab0136eb77afab84d67793706e153ea0a22ae5ea76e1237d4f9
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
dfa9611868d33a45d19da41a82b457d94fc88062d8f182e7bc1e9b7c43f6a462
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e0853ff5bcf167a9ed8a3067f501bb85a3eefb651b21ee9fa6e1f27004263aa0
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d0340c3bfad8cbb5a5fd678d4764a09007adda01e47d03f13de6edfb0ea222
e641c3063dd0ca25ef7274e13198fe9eac2606e4ef7dd4b17eb07c98991bf3c0
eaac8d630e1ee6ac92c9be1a32575934646babbc8bad344f81e9dae972d0f149
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb861e3c0220c94296bbdeb8deb876054e90e7d60dd27b7b8eb04be54d94b5d8
ec045d7da7cbcac15cf15a3fbce0718d9603e62d91fbb1e8e99ba9ad531d64cb
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee30de0a826081966aa58bd563d92e80a28a2af7415ad440889ddc1c0a3b5ef5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe106cdabad8466633e27e5ff511af28a83d422c2f4daecc92069d078029c88
f096a5e3a6069afeab4c0a55f77eccc4944a4cd58b2f96e6c90102c71ccd9e6d
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063
f45e0717c477fa26085f608a78b8e6e30221db64470ed0ad14f72a418c4c3890
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7e89e4afc331fc93c66cd84374ac594e0dba7a871eb21494ff1dde9ba1293fa
f7ec795d6ca0df8d0083c41b1a57aed9a3500897442639a0c24999a749eed08a
f97f50780895cb200405df8c7bd49cf19ff8b443e2273064aeb1608b55b43e18
fb242b5f299cd08ee579ad1b46e13cb235bb595dd10b03fab7dfadfc61103be6
fdd9cbba3bf008781e612f203bbe8674b395685abc0691fcc03a571aeb140d29
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

freefirebrr.online Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

225 Requests

91 %HTTPS

35 %IPv6

51 Domains

78 Subdomains

60 IPs

8 Countries

2186 kBTransfer

5443 kBSize

54 Cookies

1 Outgoing links

Page URL History

Redirected requests

225 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

freefirebrr.online Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

225
Requests

91 %
HTTPS

35 %
IPv6

51
Domains

78
Subdomains

60
IPs

8
Countries

2186 kB
Transfer

5443 kB
Size

54
Cookies

225 HTTP transactions
4 data transactions