www.freedidi.com Open in urlscan Pro
2606:4700:20::681a:52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.ahwei.link/
Effective URL:
https://www.freedidi.com/9982.html
Submission: On December 29 via api (December 29th 2023, 4:54:37 am UTC) from US — Scanned from US

Summary HTTP 115 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 11 domains to perform 115 HTTP transactions. The main IP is 2606:4700:20::681a:52, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.freedidi.com.
TLS certificate: Issued by GTS CA 1P5 on November 12th 2023. Valid for: 3 months.

This is the only time www.freedidi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.67.42.145 54.67.42.145	16509 (AMAZON-02) (AMAZON-02)
1 37	2606:4700:20:... 2606:4700:20::681a:52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:402... 2607:f8b0:4020:804::200e	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:80b::2003	15169 (GOOGLE) (GOOGLE)
2 9	2607:f8b0:402... 2607:f8b0:4020:804::2002	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:402... 2607:f8b0:4020:806::2001	15169 (GOOGLE) (GOOGLE)
18	2607:f8b0:400... 2607:f8b0:4006:80f::2001	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:402... 2607:f8b0:4020:807::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:807::2002	15169 (GOOGLE) (GOOGLE)
4	172.217.13.162 172.217.13.162	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:807::2004	15169 (GOOGLE) (GOOGLE)
115	14

1 54.67.42.145 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-67-42-145.us-west-1.compute.amazonaws.com

www.ahwei.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2606:4700:20::681a:52 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.freedidi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4020:804::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80b::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4020:804::2002 (Montreal, Canada) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:80f::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4020:807::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.13.162 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	freedidi.com 1 redirects www.freedidi.com	985 KB
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	585 KB
16	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 www.google.com — Cisco Umbrella Rank: 2	131 KB
9	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	109 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	77 KB
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	112 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	129 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	7 KB
1	ahwei.link 1 redirects www.ahwei.link	281 B
115	11

	Domain	Requested by
37	www.freedidi.com	1 redirects www.freedidi.com static.cloudflareinsights.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	fundingchoicesmessages.google.com	www.freedidi.com pagead2.googlesyndication.com
13	pagead2.googlesyndication.com	www.freedidi.com pagead2.googlesyndication.com tpc.googlesyndication.com
9	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com www.freedidi.com
6	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
5	www.gstatic.com	googleads.g.doubleclick.net
4	www.googleadservices.com	www.freedidi.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www.freedidi.com googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	static.cloudflareinsights.com	www.freedidi.com
1	www.ahwei.link	1 redirects
115	14

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
space.bilibili.com
www.dynadot.com
vercel.com
www.vultr.com
twitter.com
www.facebook.com
pinterest.com
www.linkedin.com
go.expressvpn.com

Subject Issuer	Validity	Valid
www.freedidi.com GTS CA 1P5	`2023-11-12` - `2024-02-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.freedidi.com/9982.html
Frame ID: FCB2604B2CE2D70E052BFCB9A066A1CA
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: FFBB8717682A61E5F1A0F7F2AC6F5B3B
Requests: 1 HTTP requests in this frame

Frame: https://www.freedidi.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: 66917DB4A0B04C6D93F7ACA659BDF9D8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&adk=1812271804&adf=3025194257&lmt=1703823125&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703825670953&bpp=8&bdt=436&idt=234&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=876683534106&frm=20&pv=2&ga_vid=780049610.1703825671&ga_sid=1703825671&ga_hid=830999351&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C95320884&oid=2&pvsid=1847314782874931&tmod=1403364271&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=268
Frame ID: 91426519EB6408893EFDA41AA3E35764
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=590&slotname=8860042738&adk=3730733119&adf=140651668&pi=t.ma~as.8860042738&w=1180&cr_col=4&cr_row=2&fwrn=2&lmt=1703823125&rafmt=9&format=1180x590&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&ea=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703825670961&bpp=2&bdt=445&idt=268&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=876683534106&frm=20&pv=1&ga_vid=780049610.1703825671&ga_sid=1703825671&ga_hid=830999351&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=3138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C95320884&oid=2&pvsid=1847314782874931&tmod=1403364271&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=275
Frame ID: FFB7AF71E291E3001C58BD6340C8234C
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=600&slotname=8121676132&adk=1871830121&adf=2363148817&pi=t.ma~as.8121676132&w=220&fwrn=4&fwrnh=100&lmt=1703823125&rafmt=1&format=220x600&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703825670963&bpp=1&bdt=447&idt=278&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x590&nras=1&correlator=876683534106&frm=20&pv=1&ga_vid=780049610.1703825671&ga_sid=1703825671&ga_hid=830999351&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1340&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C95320884&oid=2&pvsid=1847314782874931&tmod=1403364271&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=283
Frame ID: 26B319EB92D1259AD038185185FBC786
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=280&slotname=8121676132&adk=2110978461&adf=1795251393&pi=t.ma~as.8121676132&w=1200&fwrn=4&fwrnh=100&lmt=1703823125&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703825670965&bpp=1&bdt=448&idt=320&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x590%2C220x600&nras=1&correlator=876683534106&frm=20&pv=1&ga_vid=780049610.1703825671&ga_sid=1703825671&ga_hid=830999351&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=3974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C95320884&oid=2&pvsid=1847314782874931&tmod=1403364271&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=323
Frame ID: C5EA24C7917478F96CF7709A23F8EE7C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: F7CC9E52EFF9464913B38C64AA559A03
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 0AC9E145E2B34FC42E7962CD2A468A31
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9CD3CAEEC19D33C70A1808D0B5A46CA5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 69698C9104F42AD71EC9CBD497947520
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: 759A96AE23191A447EB30B8E686A3BD0
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 79E856B331C2F9527164856B5CA48685
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

最新可用的【免费域名】注册教程！无需实名验证，不需要信用卡 – 零度解说

Page URL History Show full URLs

https://www.ahwei.link/ HTTP 301
https://www.freedidi.com/9982.html Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

115
Requests

97 %
HTTPS

86 %
IPv6

11
Domains

14
Subdomains

14
IPs

2
Countries

2138 kB
Transfer

4504 kB
Size

7
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UCvijahEyGtvMpmMHBu4FS2w
Title: 油管

Search URL Search Domain Scan URL

URL: https://space.bilibili.com/625267185
Title: B站

Search URL Search Domain Scan URL

URL: https://www.dynadot.com/register-your-free-link-domain
Title: 链接直达

Search URL Search Domain Scan URL

URL: https://vercel.com/new/clone?repository-url=https://github.com/EvanNotFound/vercel-hexo-template/tree/main&template=hexo
Title: 点击打开

Search URL Search Domain Scan URL

URL: https://www.vultr.com/?ref=7045490
Title: 链接直达

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.freedidi.com/9982.html&text=%E6%9C%80%E6%96%B0%E5%8F%AF%E7%94%A8%E7%9A%84%E3%80%90%E5%85%8D%E8%B4%B9%E5%9F%9F%E5%90%8D%E3%80%91%E6%B3%A8%E5%86%8C%E6%95%99%E7%A8%8B%EF%BC%81%E6%97%A0%E9%9C%80%E5%AE%9E%E5%90%8D%E9%AA%8C%E8%AF%81%EF%BC%8C%E4%B8%8D%E9%9C%80%E8%A6%81%E4%BF%A1%E7%94%A8%E5%8D%A1

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.freedidi.com/9982.html

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.freedidi.com/9982.html&media=&description=%E6%9C%80%E6%96%B0%E5%8F%AF%E7%94%A8%E7%9A%84%E3%80%90%E5%85%8D%E8%B4%B9%E5%9F%9F%E5%90%8D%E3%80%91%E6%B3%A8%E5%86%8C%E6%95%99%E7%A8%8B%EF%BC%81%E6%97%A0%E9%9C%80%E5%AE%9E%E5%90%8D%E9%AA%8C%E8%AF%81%EF%BC%8C%E4%B8%8D%E9%9C%80%E8%A6%81%E4%BF%A1%E7%94%A8%E5%8D%A1

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.freedidi.com/9982.html

Search URL Search Domain Scan URL

URL: https://go.expressvpn.com/c/2612933/1645830/16063

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.ahwei.link/ HTTP 301
https://www.freedidi.com/9982.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://www.freedidi.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.freedidi.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 71

https://googleads.g.doubleclick.net/pagead/adview?ai=C1Oi8B1GOZYKwEKeA3rsPjpemsAjdrq2IdcKCz8uhEdrZHhABIOHv_ngoAmDJxqmLwKTYD6AB6f31zwPIAQaoAwHIAwKqBO4BT9ClV02rX-rhGHcsaqjftmbuppIFLxkXxFy5nb-DQONoyvmhR9nLx4f7_H9FVMD1dxgModUH4-_Bl-icWI0Bh-138DLpbLUbWnypFyFw6gHtqBfxnFG_9DuNfDQjXC5z54sNr8ExQPGjqMPsMybM10LmGRrmHUMJI5xUTQWxD42IS7GORB7QChfDbxRBrIFklwMIaJCrxAy6guY9qPO2qh8gBqQzFBUhbBptJz8N16c_FdKV6PLKD9NDG15XclcY-J9Q4M4NRQyKEjd9MFbU6xqNOUoegljytMc7X8XoRDHGNwlPfbZ9QG4itLuDf8AEtpbAvJgEiAXo6Y7XSZIFBAgEGAGSBQQIBRgEoAY3gAeBt5_TAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEIiWBdIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYuZ2Un-2zgwOaCTxodHRwczovL2Zhdm9yaXRlc2VhcmNoZXMuY29tL2luZGV4LnBocD9yZ2lkPTUyODY2OCZzdWI9Z2NsaWSACgHICwGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbEC2gwRCgsQ0Pqik4OomKDVARICAQPYEwzQFQGAFwGyFxwKGggAEhRwdWItMzkwNzI2MDYyODE1MjgxOBgA&sigh=CHtRnlItw0k&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_GgW3K3-tqiSSD5aWpl5gznMS_ipqNGxqQFTWjZHtcQy4OSgY62fyhE7fBHzayZdOWf9RLxnx4yJWVfG6d2a2QaYaqWOwlzgGKxgB&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xaa226f381c91c6980000000000000000%22,%222%22:%220xb6cb5d3a5e2b4f2d0000000000000000%22,%223%22:%220xaf100929bce22fdc0000000000000000%22,%224%22:%220xba92ac2ba00961a00000000000000000%22,%225%22:%220xef2f8374b7c9e5a80000000000000000%22},%22debug_key%22:%229740412030026218999%22,%22debug_reporting%22:true,%22destination%22:%22https://favoritesearches.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%2222%22:[%22true%22],%224%22:[%2212-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214184815870890241857%22}&andc=true

Request Chain 72

https://googleads.g.doubleclick.net/pagead/adview?ai=C4Vm7B1GOZYKwEKeA3rsPjpemsAjptafqcczbzav7EGQQAiDh7_54KAJgycapi8Ck2A-gAZW2r54DyAEGqAMByAMCqgTwAU_Q-Fhmq1zq4Rh3LGqo37Zm7qaSBS8ZF8RcuZ2_g0DjaMr5oUfZy8eH-_x_RVTA9XcYDKHVB-PvwZfonFiNAYftd_Ay6Wy1G1p8qRchcOp57qhX8Y9ZvzskYxuUJNaZngw-2Uoq43jso50273fTzxO35Znv5T12CgOpV03wsg94i0tEjUTr0wjiwG3hQqx0Z5f2C2hlqMT5uYMTPqkGtarqIwZRMBTgImzvbifKDtdSPBUnlsgSzOGwogrcWBQpyOJCGeIDBUVMEFiOf-GI3vf8L5m7V5mVHRzmrlXn5FyHL34SgpiaX0521nKxn5kGnMAEyOLmpLoBiAX-t8vhA5IFBAgEGAGSBQQIBRgEoAY3gAfTydBhqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQiJYF0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOli5nZSf7bODA5oJS2h0dHBzOi8vd3d3LmF2YXN0LmNvbS9lbi11cy9scC1wcGMtZnJlZS1hdj9wcGNfY29kZT0wMTImcHBjPXgmZ2Nsc3JjPWF3LmRzJoAKAcgLAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQLaDBAKChDgq_TIyZfFnVcSAgED2BMMiBQB0BUBmBYBgBcBshccChoIABIUcHViLTM5MDcyNjA2MjgxNTI4MTgYAA&sigh=x0mftFQUfB8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_GgW3K3-tqiSSD5aWpl5gznMS_ipqNGxqQFTWjZHtcQy4OSgY62fyhE7fBHzayZdOWf9RLxnx4yJWVfG6d2a2QaYaqWOwlzgGKxgB&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x27d32e7ab032ff4f0000000000000000%22,%222%22:%220x2e8a7875f50f78560000000000000000%22,%223%22:%220xc296c6bb5d6686340000000000000000%22,%224%22:%220xf48bab78522225400000000000000000%22,%225%22:%220x920936928a76ffa0000000000000000%22},%22debug_key%22:%2212614604685715945510%22,%22debug_reporting%22:true,%22destination%22:%22https://avast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22868997909%22],%2222%22:[%22true%22],%224%22:[%2212-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217149421164512247617%22}&andc=true

115 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 9982.html Show response
www.freedidi.com/
Redirect Chain

https://www.ahwei.link/
https://www.freedidi.com/9982.html

123 KB
40 KB

189ms
107ms

Document
text/html

2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/9982.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaa75f3ae369c70a57e27b87baa8388ca4ccae41ea479aa90b92cb32edb018f8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=2678400
cf-cache-status: HIT
cf-ray: 83cf72080aa38c89-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 29 Dec 2023 04:54:30 GMT
last-modified: Fri, 29 Dec 2023 04:12:05 GMT
link: <https://www.freedidi.com/wp-json/>; rel="https://api.w.org/" <https://www.freedidi.com/wp-json/wp/v2/posts/9982>; rel="alternate"; type="application/json" <https://www.freedidi.com/?p=9982>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2Kv6w2BXJAUAQI%2FLU%2FmA30VRuCaP2JA5MdFgRuMnuGhN0emyJ5D21fuT7qeG7n3BZm4NqZramtc2%2BCITtaS%2BPkRE%2FZPmV4Q6x7ZtTUTKIVFlhaSu5zEwu4Pdidp0qwTAersvBVCEaN1MK1vloI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Cookie

Redirect headers

Cache-Control: private, no-cache, no-store, max-age=0
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 29 Dec 2023 4:54:27 GMT
Expires: Mon, 01 Jan 1990 0:00:00 GMT
Location: https://www.freedidi.com/9982.html
X-Frame-Options: SAMEORIGIN

GET
H2 200 style.min.css
www.freedidi.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 33ms
23ms Stylesheet
text/css 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Nov 2023 01:19:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 20494
etag: W/"654d8536-1add3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ezdrw5uyUgdppRBxSDwaMpOdzM2vBCB44XSX%2B25tEl101%2Fhw8w8VqxTmrypOQQAv%2Fi3rbm%2BlJNMXO5ZQIAAmXwxL0fVoAcGy8LlisaQSaBZAWLt7v66bNA1BiKYDvbjDIycrjH3MmOuE7KF4u8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 83cf7208db238c89-EWR
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Dec 2024 15:31:48 GMT

GET
H2 200 style.css
www.freedidi.com/wp-content/themes/gridzone/ 58 KB
13 KB 36ms
27ms Stylesheet
text/css 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/style.css?ver=6.4.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4285c04e1f1cccedc0999a665ea1aba54b2e95f247c35e4b883c37c0525610

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20494
cf-polished: origSize=79519
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 30 Oct 2023 02:19:31 GMT
server: cloudflare
etag: W/"653f12b3-1369f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aaqVmSRMcQqwnna6Zh79aAlL%2FyCssXkq03pw3uz79myH442Zf6WfnyYl1%2Fve0y8BVNdOLxV50asdK5QJsryDzmW0uNQYws4wllk0Y1h4hSlXoBFbqb%2Fa6Cqv724XrGswDIJDJKkR32KMESftT8w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 83cf7208db268c89-EWR
expires: Fri, 27 Dec 2024 15:31:49 GMT

GET
H2 200 responsive.css
www.freedidi.com/wp-content/themes/gridzone/ 5 KB
2 KB 26ms
17ms Stylesheet
text/css 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/responsive.css?ver=6.4.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3323050ebf52eb4c5c2423504a753d0f9c5c9fb711a78fbb0c3bf6065343af5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20494
cf-polished: origSize=7274
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 30 Oct 2023 02:19:31 GMT
server: cloudflare
etag: W/"653f12b3-1c6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRtCi6H5G%2BbTrBFROouj79e5BGSD9zwOavYX6oYFhP105ww7y0x6%2BLdokCwullM2s4EwzRKQntSGLCbjFTo9nAeds4qIJs0ZHvx5kW85HMGnc5RFTZIGsEYB%2FBKIAn2sO8Wg3xoGa43JM2pVqjc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 83cf7208db278c89-EWR
expires: Fri, 27 Dec 2024 15:31:24 GMT

GET
H2 200 all.min.css
www.freedidi.com/wp-content/themes/gridzone/fonts/ 100 KB
23 KB 29ms
20ms Stylesheet
text/css 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/fonts/all.min.css?ver=6.4.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dc0bc2b534e4bde8b4eba93fe618d4c13250708d8236979ea7a1aed051b4a35

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 02:19:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 20494
etag: W/"653f12b3-18e59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vXU8fLcK60H%2FdpD6w5ZqUBoTQKD6ulTc%2BUXDnrUNgaPRc0nNzhKgokHzesmrQwpbyWTYrxEjDlyF3gmZACRMux6e0Ak4XK%2B2c8%2BgWuompiYQ8gjh9KXXED%2FskeUGrP%2FvcuA5OolKrCTS%2BVtWcs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 83cf7208db288c89-EWR
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Dec 2024 15:31:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 191ms
20ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&ver=6.4.2

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

089253e7cbb4519bfd3fbd4362018b9b60cbbdad59eb458e080d913bd609b01f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 04:54:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Dec 2023 04:54:30 GMT

GET
H2 200 enlighterjs.min.css
www.freedidi.com/wp-content/plugins/enlighter/cache/ 83 KB
10 KB 28ms
24ms Stylesheet
text/css 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/plugins/enlighter/cache/enlighterjs.min.css?ver=NhS9nIl+CGoyT1V
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63b67dc2449b77021edac9985e599c47578d649d8303330812510422bbd0221d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 Dec 2023 15:06:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 20494
etag: W/"658c3d92-14d0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1uICmXMel5KzONrv0mlOm2cBdoOGHBtV2rLQFmPc1b8REpJGIEI5g2J06jTDr%2BGOtjgUQukLzISyi5FRj1lGChuMYTm9YeRDl7fhPqxS2WDCnwE%2FT%2BW%2BL70v5l4L4RDiqbuTN4aQUQutZk6oyE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 83cf7208db298c89-EWR
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Dec 2024 15:09:04 GMT

GET
H2 200 jquery.min.js Show response
www.freedidi.com/wp-includes/js/jquery/ 86 KB
31 KB 24ms
21ms Script
application/javascript 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Nov 2023 01:19:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 20494
etag: W/"654d8536-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2g8tGbzDAuABZ4BPk8BnWLMba3giJ9cLJcqLLAGeqqanZvflRvhfAb%2FehFJqCKvvMLjGgZ6L28WEYN5dYaJ%2Fp6PzXBPirOAY4O0cELmDXXYoMEpk%2FRtSK4B7N7KjA6QRFRG1rq5JMX4Mxq7ZB0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 83cf7208db2a8c89-EWR
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Dec 2024 15:31:26 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.freedidi.com/wp-includes/js/jquery/ 13 KB
5 KB 27ms
24ms Script
application/javascript 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 20494
etag: W/"6482bd64-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGaSaCUnZFHaKXMwqL74wr5dyocuP0TydeqwzsNTAy4Z9XaWSa41q7c%2Fgd%2BdIKamiTXd4ARWLyW5XLp2EQvIbccgr3ixMbYwNd0YBCzGB4ANlzqcxIdHkGgVbYGxFXjN8WsEosx2s9ZNswJeonI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 83cf7208db2b8c89-EWR
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Dec 2024 15:31:26 GMT

GET
H2 200 slick.min.js Show response
www.freedidi.com/wp-content/themes/gridzone/js/ 43 KB
11 KB 21ms
18ms Script
application/javascript 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/js/slick.min.js?ver=6.4.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 254d80a49d0c9fced2fd0c272e7b868ca726df8189dc9c5735c56a33e7853dfc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 02:19:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 20494
etag: W/"653f12b3-ab7a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYiMY2GBCqnkr%2BlnXa3xoKO2z7yMuh0ApJ99Hi7saYh15A2%2FdX4CelScG4vwtDv%2BpDek5E8cnO%2FUTUKgGo7sMj4f83Yxbis2Gpy22yGytmqkU2aRrh0t2OqVV3eDB4%2BwYsqdVVDGZANEFweefuo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 83cf7208db2c8c89-EWR
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Dec 2024 15:31:26 GMT

GET
H2 200 pub-3907260628152818 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 134ms
59ms Script
application/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-3907260628152818?ers=1

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13e5952182fa19577d83c1858ce1a771342ee7aa64ca6eaa411cb8e2c302f791

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-QIGvdsqAgEyGG8pDr-Y5aQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-QIGvdsqAgEyGG8pDr-Y5aQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Screenshot-2023-07-27-124448-940x534.jpg
www.freedidi.com/wp-content/uploads/2023/07/ 19 KB
19 KB 97ms
94ms Image
image/webp 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/uploads/2023/07/Screenshot-2023-07-27-124448-940x534.jpg
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c243166b4e1f3fee93083bce5af424556466416e607317ed3faf2984395a58fc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: qual=85, origFmt=jpeg, origSize=29545
content-disposition: inline; filename="Screenshot-2023-07-27-124448-940x534.webp"
alt-svc: h3=":443"; ma=86400
content-length: 19078
cf-bgj: imgq:85,h2pri
last-modified: Thu, 27 Jul 2023 12:45:46 GMT
server: cloudflare
etag: "64c266fa-7369"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3pN%2BQExgSISA1KqcIbQboDQr9r0EtmhOcJn%2FRVRHf7qKicEFlQkqIARxsGJjgboKQIUl4v2OGNpvGazMYanmndWwNJbxyDjWxLTC0YFOX8Tk1xaqMr%2F9H9nQTFOORnNfv5NLQW7SL86KwI31ek%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83cf7208db2d8c89-EWR
expires: Sat, 28 Dec 2024 00:35:06 GMT

GET
H2 200 d152889b03714650a8abd0afbebe7354-520x347.jpg
www.freedidi.com/wp-content/uploads/2022/01/ 34 KB
34 KB 98ms
95ms Image
image/webp 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/uploads/2022/01/d152889b03714650a8abd0afbebe7354-520x347.jpg
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 070e0b7bab0c14229c36c2471906abb72eb9996772cf271e83ab85ec4c4ac70e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: qual=85, origFmt=jpeg, origSize=41021
content-disposition: inline; filename="d152889b03714650a8abd0afbebe7354-520x347.webp"
alt-svc: h3=":443"; ma=86400
content-length: 34696
cf-bgj: imgq:85,h2pri
last-modified: Thu, 13 Jan 2022 22:42:58 GMT
server: cloudflare
etag: "61e0aaf2-a03d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8zsT9Cs2IpIacU2OT43vw9Jbc%2B8cMFCOtpJ5ng%2BudW%2BDpC0kjKWIF3LiyfQFhz7%2F%2BAW7hhmIbQm1GtqzwDcUMY4z%2FX%2FzekKU3fDcf8GN%2BX5yTT6tcLyMBfgDU9WmaqlmKFQvGop%2BJAQzPtl6%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83cf7208db2f8c89-EWR
expires: Sat, 28 Dec 2024 04:48:02 GMT

GET
H2 200 %E6%9C%80%E5%A5%BD%E7%9A%84%E5%85%8D%E8%B4%B9%E6%9D%80%E6%AF%92%E8%BD%AF%E4%BB%B6-520x347.png
www.freedidi.com/wp-content/uploads/2020/07/ 169 KB
169 KB 116ms
113ms Image
image/webp 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/uploads/2020/07/%E6%9C%80%E5%A5%BD%E7%9A%84%E5%85%8D%E8%B4%B9%E6%9D%80%E6%AF%92%E8%BD%AF%E4%BB%B6-520x347.png
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 298052dbec4eb0570e729c73bfa01034954d6c9f112ace92a55d367b932c0ba0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=266797
content-disposition: inline; filename="%E6%9C%80%E5%A5%BD%E7%9A%84%E5%85%8D%E8%B4%B9%E6%9D%80%E6%AF%92%E8%BD%AF%E4%BB%B6-520x347.webp"
alt-svc: h3=":443"; ma=86400
content-length: 172596
cf-bgj: imgq:85,h2pri
last-modified: Sun, 27 Jun 2021 23:32:08 GMT
server: cloudflare
etag: "60d90a78-4122d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfAc%2FlOOgqbr8fuyj0crV1AkuAuPKImTlCVz02YF8OIt2Gxxew6KaZ0yIFs5bvHCM3VxqelbICcfVTdMJtGdQGkvdnsjny%2B9qPUZV2CsObinmH%2FxTi3ZvG89Nqif5RCKD%2FER71GhaTYH6AireVs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83cf7208db338c89-EWR
expires: Sat, 28 Dec 2024 01:11:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 71ms
41ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3907260628152818

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bd3a68b4a16420c317af1cb6d1624eddb0ae1eb7044f0c6d95579eb5d6643e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
Origin: https://www.freedidi.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51700
x-xss-protection: 0
server: cafe
etag: 16990722675350358818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 04:54:30 GMT

GET
H3 200 vip.jpg
www.freedidi.com/wp-content/uploads/ads/ 11 KB
12 KB 18ms
16ms Image
image/webp 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/uploads/ads/vip.jpg
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 053f8e07a56575734b3e376a4398321767f5d29953e0d42992328e42b155e748

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76
cf-polished: qual=85, origFmt=jpeg, origSize=26953
content-disposition: inline; filename="vip.webp"
alt-svc: h3=":443"; ma=86400
content-length: 11400
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Mar 2023 21:27:08 GMT
server: cloudflare
etag: "6402662c-6949"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZSSmvHp4uE5gfAZ3pavgVIJDY0FrbqOFG0oPjxreJvib2EFTw2oY%2BXw87mWO7pSdj5gqtwdhVAF6TZCPnq4zOSFxeavMAfMcwAhR2215qS6mGnYY0F7D1wA4otRRWNFrNqGTBNgA94%2FJniDh%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83cf7209dcb741df-EWR
expires: Sat, 28 Dec 2024 03:36:23 GMT

GET
H3 200 js.cookie.min.js Show response
www.freedidi.com/wp-content/plugins/ad-invalid-click-protector/assets/js/ 1 KB
1 KB 17ms
15ms Script
application/javascript 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/plugins/ad-invalid-click-protector/assets/js/js.cookie.min.js?ver=3.0.0
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 03:17:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 19027
etag: W/"653f2055-5dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maOco9NVmVZ43c%2FKvIMTbsKf2EX2LtdjT08Nhr%2ByMDFOK1092a1Na4aa59yLxb%2BlIxQ%2FLA2jmhs4N3xAD4jHvVjxTujyRvOoBf9B8BFtSg107k%2FFAGwgBQYUUFKPBs6EqSRPYsEm%2F81nhwNMugQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 83cf7209dcb841df-EWR
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Dec 2024 15:37:35 GMT

GET
H3 200 jquery.iframetracker.min.js Show response
www.freedidi.com/wp-content/plugins/ad-invalid-click-protector/assets/js/ 3 KB
2 KB 18ms
16ms Script
application/javascript 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/plugins/ad-invalid-click-protector/assets/js/jquery.iframetracker.min.js?ver=2.1.0
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 169129c84912473c3eea8cb0783089f986648c26f879f25caf12b9933feedebe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 03:17:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 79
etag: W/"653f2055-c72"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7HkDb1nAcC1dZ9ItybtvpwywZ6MSTTN7fwyaojXy%2BAE8BM0FINJ94L2zy%2B0%2BiKZTRA5zOyT1dv%2B1IscsNMqxSLCu2LL0sSQl%2BxupMW%2FuV%2Faxy5Z%2BskDPc3WbZon3EUtbvtESuL8NZ9XSQKEXqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 83cf7209fcdd41df-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Dec 2024 03:38:07 GMT

GET
H3 200 aicp.min.js Show response
www.freedidi.com/wp-content/plugins/ad-invalid-click-protector/assets/js/ 777 B
913 B 16ms
16ms Script
application/javascript 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/plugins/ad-invalid-click-protector/assets/js/aicp.min.js?ver=1.0
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e0a52e09f6a82103811fb05011f1487605df55d406ecaad89c68999d67f8ae0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 03:17:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 78
etag: W/"653f2055-309"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2TLUYRby9ABzfHzaJVtnyakVjz9rl2ew8nruw3AMhh5%2Bdi5wLeevlH2TmI0ULnHjUp1c5N2EPX33SPfWZMDQWr13J4rXcRZT3LcQauUC5vmSuygwYRYJzXy%2BkiPT50rdPR7MlHocD2ipmyqqUsI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 83cf7209fce041df-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Dec 2024 03:38:07 GMT

GET
H3 200 jquery.fitvids.js Show response
www.freedidi.com/wp-content/themes/gridzone/js/ 2 KB
1 KB 13ms
11ms Script
application/javascript 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/js/jquery.fitvids.js?ver=6.4.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38f8ac0374c2bb1477727fda495437bb1093ebc4ea905138540bbaa35f5dbf6f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78
cf-polished: origSize=3303
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 30 Oct 2023 02:19:31 GMT
server: cloudflare
etag: W/"653f12b3-ce7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=labYJkhPrHK7aqj42aKWd3vSiBa8HbTWVGfny%2FlmNEIt3vGt5CFVNruED7mfKjawGlqsXjW5W2JmHcSVuLJfwmUsnyKySuHi6gBXBF%2BWLsxnda72b%2FxByIOsl8EeZBfe6inbAxpjJFy2DTO8bt8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 83cf720a1cf141df-EWR
expires: Sat, 28 Dec 2024 03:33:54 GMT

GET
H3 200 jq-sticky-anything.min.js Show response
www.freedidi.com/wp-content/themes/gridzone/js/ 5 KB
2 KB 19ms
17ms Script
application/javascript 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/js/jq-sticky-anything.min.js?ver=6.4.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f134232a9a19dd6ab40fd09f335cb368f4441e2573462dea23b6201274d0b70b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 02:19:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 78
etag: W/"653f12b3-12ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twHEnU4vTmTN2Zm51XraVmHwBgYt30VghzgtX2%2BIb78F4h6EIy7IIg9Jo0nGvBrCkSKDEn1vh8Wt5rGeRNE%2FV9eRdVSoH76lozjmyF1DbhKAvUWQPvv1J0otYgb8VUNMdN8BFGLio7ZjdJHksxA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 83cf720a1cf241df-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Dec 2024 03:41:09 GMT

GET
H3 200 imagesloaded.pkgd.min.js Show response
www.freedidi.com/wp-content/themes/gridzone/js/ 5 KB
2 KB 14ms
12ms Script
application/javascript 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/js/imagesloaded.pkgd.min.js?ver=6.4.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a65b0ca177f1c0433c0ead611692521c23e6668846a2861fedc09ae11416ffc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 02:19:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 78
etag: W/"653f12b3-15e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X66J73A1VVUmNLLMR%2FccRUmLPJHzjLo15BXU4uNZX2IHPl6xGPBngz2SAkCrAtCinPPcJpIXpLP0VOy6w0YiFTfNC7peJ18%2B1BWN%2BL0gY6XodQ%2BEZMMZvTYWxnEX0IiXr8pDGF5F1%2BThAStib54%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 83cf720a1cf341df-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Dec 2024 03:39:48 GMT

GET
H3 200 masonry.pkgd.min.js Show response
www.freedidi.com/wp-content/themes/gridzone/js/ 24 KB
8 KB 16ms
14ms Script
application/javascript 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/js/masonry.pkgd.min.js?ver=6.4.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c7b3ed32991df7fecd94925de903446f7c1257bfeb042cb0b798749e242c559

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 02:19:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 78
etag: W/"653f12b3-5e2f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8aPr8egsB7TueNBp7%2F68MAdELwgTySbyk3iZj1quWrgtbkQZ4DTtwdB6TtHs874w3INtBlUfpMM%2F2yZ2pl872zvL33B9flC%2BvAR2n7xQrha%2BX6AfDJCynt2qECHJWbA4xxKJik6RAd94S3G8iJc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 83cf720a1cf441df-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Dec 2024 03:36:45 GMT

GET
H3 200 scripts.js Show response
www.freedidi.com/wp-content/themes/gridzone/js/ 3 KB
2 KB 14ms
12ms Script
application/javascript 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/js/scripts.js?ver=6.4.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b91fec19f11ef218903a68021aa6b55478e75240f6f7852602d63077e3348b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78
cf-polished: origSize=5862
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 30 Oct 2023 02:19:31 GMT
server: cloudflare
etag: W/"653f12b3-16e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScpILnfxLWwage3cVNCDvB2wTmsjG7%2Bn6tFeZI%2Bl0pARLVm9yOk9pCUzuwWEPHZ2RC6lJnVDiMWJHLK4X5OJBUoDS2snUsknP1C5rnxf%2FJvHXIHauCkWhCulPnRC592P6U78FAHEKRg7gpuLi24%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 83cf720a1cf541df-EWR
expires: Sat, 28 Dec 2024 03:37:53 GMT

GET
H3 200 nav.js Show response
www.freedidi.com/wp-content/themes/gridzone/js/ 5 KB
2 KB 18ms
16ms Script
application/javascript 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/js/nav.js?ver=1698632371
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 628e67872505d5c4a47de882844a6c7af2923f9c486a95faab3114499f04da67

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78
cf-polished: origSize=9107
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 30 Oct 2023 02:19:31 GMT
server: cloudflare
etag: W/"653f12b3-2393"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMdet8DeR2nADXvrSoTj22v0dh3GkWCd%2BVNHsV6ndkDsQ%2BLRyIkeuc%2Bj2GwSw86Ny6BahyZAg4uaZfHADio7S6IryslBAyamCMmUHxdFqnmB%2F%2BwGhoW454wMqaGbR6491w3iQIjJXwhOh0WpaaY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 83cf720a1cf641df-EWR
expires: Sat, 28 Dec 2024 03:39:49 GMT

GET
H3 200 enlighterjs.min.js Show response
www.freedidi.com/wp-content/plugins/enlighter/cache/ 62 KB
18 KB 21ms
18ms Script
application/javascript 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/plugins/enlighter/cache/enlighterjs.min.js?ver=NhS9nIl+CGoyT1V
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2d31599822dae1353d655633c6dbd9454ef2138d172798f4a91119eedd6d89d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 Dec 2023 15:06:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 78
etag: W/"658c3d92-f756"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzFbVugrT1yNRDAFCXqowVCsHOZZt%2FJP%2BAcLFtW8%2BAoxsTSSN2u84K%2FMAH8GTFGpVNReOlZ3OhAXvN7CZk66kamS9jaYB0NkH%2FPz29%2BKrzbakx353Q%2FL0sfZTXmFjtczbSdwyDiCj%2F8Kbx9q4xY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 83cf720a1cf741df-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Dec 2024 03:08:50 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 103ms
57ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.freedidi.com/
Origin: https://www.freedidi.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 83cf720a6fde436f-EWR

GET
BLOB 200
OK 4523b49c-618c-453c-afd7-282d80c8f480
https://www.freedidi.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.freedidi.com/4523b49c-618c-453c-afd7-282d80c8f480
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 27ms
3ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.freedidi.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 04:14:19 GMT
x-content-type-options: nosniff
age: 175211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Dec 2024 04:14:19 GMT

GET
H3 200 fa-regular-400.woff2
www.freedidi.com/wp-content/themes/gridzone/fonts/ 24 KB
24 KB 22ms
21ms Font
font/woff2 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/fonts/fa-regular-400.woff2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/wp-content/themes/gridzone/fonts/all.min.css?ver=6.4.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9169d8be7a8177e5a92a4d04b6de7f6504b938573bf4da5889871c4f376d3849

Request headers

Referer: https://www.freedidi.com/wp-content/themes/gridzone/fonts/all.min.css?ver=6.4.2
Origin: https://www.freedidi.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 02:19:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 17619
etag: "653f12b3-5fa8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOozCg78QCiVPN8Lc9QPXWvuKu00yH4eIVitEfziDarBgv8SjbvIbctOj7SqCnWyuwVJ9Hsgaw%2F6s0LOSKX3f%2F2EpoU%2FPJC5qvmPuMzTMR3SEFfiSH54VY4VW4GzMADKyGSJyvFP2lC6pCLOohI%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 83cf720a1cfb41df-EWR
alt-svc: h3=":443"; ma=86400
content-length: 24488

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 29ms
6ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.freedidi.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 03:48:51 GMT
x-content-type-options: nosniff
age: 176739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Dec 2024 03:48:51 GMT

GET
H3 200 pre.png
www.freedidi.com/wp-content/themes/gridzone/img/ 66 B
632 B 28ms
27ms Image
image/webp 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/img/pre.png
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/wp-content/themes/gridzone/style.css?ver=6.4.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc5cb6b617fe0620b3ddcbe396776094fbc6e1f074001acb4b6da3a7607c8769

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/wp-content/themes/gridzone/style.css?ver=6.4.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1280
cf-polished: origFmt=png, origSize=72
content-disposition: inline; filename="pre.webp"
alt-svc: h3=":443"; ma=86400
content-length: 66
cf-bgj: imgq:85,h2pri
last-modified: Mon, 30 Oct 2023 02:19:31 GMT
server: cloudflare
etag: "653f12b3-48"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gANnH6hVNqwNglqyDj9S70GQSLMAwZ1oqL8dDvpE60MBt1bK%2FSrOYL9vqUFzdbNHp4fkHMdFMNwRHhY3ao92QxFuFyK%2BXbcGvLYDFGYONI2OAytMbSJeGYFn45enFYPmJfQ6usRE2G4WmVtFnJY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83cf720a5d4441df-EWR
expires: Fri, 27 Dec 2024 18:33:15 GMT

GET
H3 200 image-gradient.png
www.freedidi.com/wp-content/themes/gridzone/img/ 184 B
764 B 27ms
26ms Image
image/webp 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/img/image-gradient.png
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/wp-content/themes/gridzone/style.css?ver=6.4.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8315926271732f097bfa8aa96f8132b40f0a038b24ebd0d0b6b35c05423eaf91

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/wp-content/themes/gridzone/style.css?ver=6.4.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78
cf-polished: origFmt=png, origSize=1690
content-disposition: inline; filename="image-gradient.webp"
alt-svc: h3=":443"; ma=86400
content-length: 184
cf-bgj: imgq:85,h2pri
last-modified: Mon, 30 Oct 2023 02:19:31 GMT
server: cloudflare
etag: "653f12b3-69a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFS%2FpT5J7YyVfaDWkS%2B6ge%2FFUrc7%2FEodiPqVjlTszaRbE7fe7iWRTg4xnlLNWDvwLz4pEHesFqbSC5d1t62acw%2F%2BZyySca3qpG7js45B7N%2FplzD1sqvdUoLBcbt2lpf6VB%2BKmhoyVPQucwOPKT4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83cf720a6d4e41df-EWR
expires: Sat, 28 Dec 2024 03:41:10 GMT

GET
H3 200 fa-solid-900.woff2
www.freedidi.com/wp-content/themes/gridzone/fonts/ 147 KB
147 KB 24ms
24ms Font
font/woff2 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/fonts/fa-solid-900.woff2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/wp-content/themes/gridzone/fonts/all.min.css?ver=6.4.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Request headers

Referer: https://www.freedidi.com/wp-content/themes/gridzone/fonts/all.min.css?ver=6.4.2
Origin: https://www.freedidi.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 02:19:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 17619
etag: "653f12b3-24a04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkM7TR28hvRkcAzcQQLvX9MgTXhuEqqIK%2B2mIFuuY5PjqUdRRi29gumJPU71bEjUGsSZt1Iu8qLk02zYLYMIedtSunVdjnRQBOWF6vmmL9nYLdEhGQiMIm3sHNXqZA3ZHlL32uO1MdQgWjhAvss%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 83cf720a6d5441df-EWR
alt-svc: h3=":443"; ma=86400
content-length: 150020

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 20ms
19ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.freedidi.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:28:28 GMT
x-content-type-options: nosniff
age: 217562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 16:28:28 GMT

GET
H3 200 fa-brands-400.woff2
www.freedidi.com/wp-content/themes/gridzone/fonts/ 107 KB
108 KB 46ms
46ms Font
font/woff2 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-content/themes/gridzone/fonts/fa-brands-400.woff2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/wp-content/themes/gridzone/fonts/all.min.css?ver=6.4.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1

Request headers

Referer: https://www.freedidi.com/wp-content/themes/gridzone/fonts/all.min.css?ver=6.4.2
Origin: https://www.freedidi.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 02:19:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9031
etag: "653f12b3-1acf0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRnRrWQIaoTtZk3PBDqFDlfDLLgfKz0tLibFwt3bZ7KBwPPe7YzimT%2BYLGtfqXXBCjBjBs9iVBkzWT0w5e8tfGEICdR0rUv3LiUuYv9fVJ0RIbWO27iA7QYepnrXoobWLSjRRCYqlXWyWjiWK%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 83cf720a6d5541df-EWR
alt-svc: h3=":443"; ma=86400
content-length: 109808

GET
H3 200 onur-binay-aJE97FULn_g-unsplash-520x347.jpg
www.freedidi.com/wp-content/uploads/2022/04/ 37 KB
37 KB 99ms
97ms Image
image/webp 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/uploads/2022/04/onur-binay-aJE97FULn_g-unsplash-520x347.jpg
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f0eb978add69be94d793fad4adf6f51e827dc388cb5042dce2e8bfd8810a13b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: qual=85, origFmt=jpeg, origSize=43578
content-disposition: inline; filename="onur-binay-aJE97FULn_g-unsplash-520x347.webp"
alt-svc: h3=":443"; ma=86400
content-length: 37538
cf-bgj: imgq:85,h2pri
last-modified: Sat, 23 Apr 2022 00:32:46 GMT
server: cloudflare
etag: "6263492e-aa3a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9e%2BaNiOvs%2FUNbttuZhjXUP%2FAih1zru8g4sYI8uATZhUOtT7%2Fp4VU%2BdsYfVA5UBlVFHXUFptxvPlHl2gGH1TR0jjCfIhnfQVkmnJulJ5VrYxF0EQtLRLqomqtFhkgtQ6%2BnKrRUO4VPLTmmibR77w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83cf720abd9141df-EWR
expires: Sat, 28 Dec 2024 04:12:05 GMT

GET
H3 200 %E5%85%A8%E7%90%83%E6%8E%92%E5%90%8D5%E7%9A%84VPN-520x347.png
www.freedidi.com/wp-content/uploads/2020/07/ 192 KB
193 KB 89ms
87ms Image
image/webp 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/uploads/2020/07/%E5%85%A8%E7%90%83%E6%8E%92%E5%90%8D5%E7%9A%84VPN-520x347.png
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56827563224805984bf17e7cdc536d05ba2fc9e969426508a4d0772c8a6d83cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=307790
content-disposition: inline; filename="%E5%85%A8%E7%90%83%E6%8E%92%E5%90%8D5%E7%9A%84VPN-520x347.webp"
alt-svc: h3=":443"; ma=86400
content-length: 197086
cf-bgj: imgq:85,h2pri
last-modified: Sun, 27 Jun 2021 23:28:50 GMT
server: cloudflare
etag: "60d909b2-4b24e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6to40LxZVEde9mzpLesPwj1kNT4S3sVvSBl7PwGsaY%2BJczINoI3u%2BCdl6BjWnJC6xmPgt86%2BG7xG7DqCAPT79IhJvsXWY0Um%2Fd5C552RjGZEIjwnMx1ydjTLfBRTcKoU5Uv8ogaZsu5CtgxZ7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83cf720abd9241df-EWR
expires: Sat, 28 Dec 2024 03:48:20 GMT

GET
H3 200 vultr.png
www.freedidi.com/wp-content/uploads/2017/ 23 KB
24 KB 16ms
15ms Image
image/webp 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/uploads/2017/vultr.png
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e0d206383593c6a65df277c26e7ff38ec7273b2ac5958a51cda444202427204

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13721
cf-polished: origFmt=png, origSize=30219
content-disposition: inline; filename="vultr.webp"
alt-svc: h3=":443"; ma=86400
content-length: 23994
cf-bgj: imgq:85,h2pri
last-modified: Sun, 18 Oct 2020 14:40:52 GMT
server: cloudflare
etag: "5f8c53f4-760b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBZg9pQYgtNUSvCHPXTkgXYVs4Zs8jExbmrmfBfi9Ehy3KRglB5WH3h7E8R3Flqi8VwO%2BeoWVTs2rr9H%2FiceRcKNyVGcgF5mRVPBQX2SAusODFK82ubZooYer7piAaQmtP3%2BcR0DgOcmlNbhWWg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83cf720abd9341df-EWR
expires: Fri, 27 Dec 2024 22:38:39 GMT

GET
H3 200 logo-2.png
www.freedidi.com/wp-content/uploads/ 16 KB
16 KB 17ms
15ms Image
image/webp 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freedidi.com/wp-content/uploads/logo-2.png
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 814e3cdad59610fb46160dc8695198f003b3932fac3e14671efd32eff5d15b0b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6812
cf-polished: origFmt=png, origSize=25899
content-disposition: inline; filename="logo-2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15946
cf-bgj: imgq:85,h2pri
last-modified: Tue, 26 Jul 2022 16:28:58 GMT
server: cloudflare
etag: "62e0164a-652b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qVTuNp2TP5zJdO5RYCorwuvHDMiVGYX8j6TDCyV8FMmlDTp20H9Z0nPXOpxmeklEU61lMX5o3uE8zxJNmPjU3aapGID4Ku8D543871gtODt1kQQImNFCz6WYxVKFOi5KUgZxEbbQPXJM85krCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83cf720abd9441df-EWR
expires: Sat, 28 Dec 2024 02:01:07 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 73ms
62ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3907260628152818

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74e902da7510e538e4949ad6e725dcf9e987381e9b2b565b9249c659e85f9d0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137920
x-xss-protection: 0
server: cafe
etag: 10942279955400410868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 04:54:30 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame FFBB 9 KB
4 KB 64ms
12ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3907260628152818

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 16158
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 00:25:13 GMT
etag: 5585625838579639069
expires: Fri, 12 Jan 2024 00:25:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 wp-emoji-release.min.js Show response
www.freedidi.com/wp-includes/js/ 18 KB
5 KB 13ms
12ms Script
application/javascript 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/9982.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 75
etag: W/"63db0985-4904"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5vHaqF6XvExq2E%2F5kYLQ2t8OM9WkPFV%2BqzD3aSWWpw3%2BgQOTKilNG6CHn%2BeMLd8oyBajMhprum94vIAFucHcElTmE66ApSN7x6wKVrvE4sJmSC4bVAptVeCypqCSucYESzrMPao9G18BbY4PwA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 83cf720bde8141df-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Dec 2024 03:51:53 GMT

GET
H3

200

main.js Show response
www.freedidi.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 6691
Redirect Chain

https://www.freedidi.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.freedidi.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
4 KB

12ms
12ms

Script
application/javascript

2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.freedidi.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Server

2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e042723e769b7fb1ce1611948e8d568581aac38ee21c44896d1ac430b454d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:31 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3547yIqDZX9xXDJdgPNpX3agXJQGyugLLouHscuOaHKG4BGf2TyiRcYXqrJKsNPoXCuErHmW1Ics5pxlqpdwirN1616bBpZAqrhWaXsW0q1jv8UhlLJZ9Z3tdrIleg8YE8B%2FTUhmIPbFwotaPA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 83cf720cef5841df-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 29 Dec 2023 04:54:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FQ1J33Gs2ECuG6UCbZbKU5Ga%2FUcJGP9n3Srn4CKTGQRruq88%2Fgnu8VmSwqL6N9IQZg4IwKeWTVFwSbxVsjgS4ptenyFK1YKs7J%2FDdsTfrOb4pX374FTwlxhKUiLbjQNmiKf7Z1qzNjdkl92btM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
cache-control: max-age=300, public
cf-ray: 83cf720bde8241df-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 AGSKWxXkr2Dl-T_5XBwj5FHw99tV3xla-aoi70WP3FTG0PZBYRXgXlWmWmEwF5fgyoidzUfqRJZIOCu5GbGhGEWuybUdtF4RljQ6oPKjyu9pisRQ0XOd7qCUPTojiHOoUSEbgBWwva-8kA== Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 63ms
63ms Script
application/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXkr2Dl-T_5XBwj5FHw99tV3xla-aoi70WP3FTG0PZBYRXgXlWmWmEwF5fgyoidzUfqRJZIOCu5GbGhGEWuybUdtF4RljQ6oPKjyu9pisRQ0XOd7qCUPTojiHOoUSEbgBWwva-8kA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzODI1NjcxLDU0MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5mcmVlZGlkaS5jb20vOTk4Mi5odG1sIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b5da448cf6d21c91e38ccdb7aaaee83c560c308bc22896ddc306a64766e0f66

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-VEduw_HV6dZwNTi7u6EgVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-VEduw_HV6dZwNTi7u6EgVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9142 248 KB
57 KB 1015ms
1012ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&adk=1812271804&adf=3025194257&lmt=1703823125&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703825670953&bpp=8&bdt=436&idt=234&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=876683534106&frm=20&pv=2&ga_vid=780049610.1703825671&ga_sid=1703825671&ga_hid=830999351&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C95320884&oid=2&pvsid=1847314782874931&tmod=1403364271&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=268

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d731d7dc602d6386b68ab417632c047e3307366a91b7a5bdefc38b9ce82f6eb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 57886
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 04:54:32 GMT
expires: Fri, 29 Dec 2023 04:54:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 26ms
25ms Image
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=sidebar%20s2%20group&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 04:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 26ms
25ms Image
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=sidebar%20s2%20group&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 04:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FFB7 116 KB
32 KB 469ms
467ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=590&slotname=8860042738&adk=3730733119&adf=140651668&pi=t.ma~as.8860042738&w=1180&cr_col=4&cr_row=2&fwrn=2&lmt=1703823125&rafmt=9&format=1180x590&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&ea=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703825670961&bpp=2&bdt=445&idt=268&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=876683534106&frm=20&pv=1&ga_vid=780049610.1703825671&ga_sid=1703825671&ga_hid=830999351&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=3138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C95320884&oid=2&pvsid=1847314782874931&tmod=1403364271&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=275

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

837ab14bf00664ef0349917ae297de643e6db03ecac082270c09cc26178c3d7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32795
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 04:54:31 GMT
expires: Fri, 29 Dec 2023 04:54:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 26B3 46 KB
11 KB 447ms
442ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=600&slotname=8121676132&adk=1871830121&adf=2363148817&pi=t.ma~as.8121676132&w=220&fwrn=4&fwrnh=100&lmt=1703823125&rafmt=1&format=220x600&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703825670963&bpp=1&bdt=447&idt=278&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x590&nras=1&correlator=876683534106&frm=20&pv=1&ga_vid=780049610.1703825671&ga_sid=1703825671&ga_hid=830999351&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1340&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C95320884&oid=2&pvsid=1847314782874931&tmod=1403364271&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=283

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e88d00da89f0f486d9d18addabae7a20a74ca61e0907186dae22e485883c9a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11288
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 04:54:31 GMT
expires: Fri, 29 Dec 2023 04:54:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C5EA 720 B
381 B 273ms
272ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=280&slotname=8121676132&adk=2110978461&adf=1795251393&pi=t.ma~as.8121676132&w=1200&fwrn=4&fwrnh=100&lmt=1703823125&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703825670965&bpp=1&bdt=448&idt=320&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x590%2C220x600&nras=1&correlator=876683534106&frm=20&pv=1&ga_vid=780049610.1703825671&ga_sid=1703825671&ga_hid=830999351&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=3974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C95320884&oid=2&pvsid=1847314782874931&tmod=1403364271&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=323

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

363998745ac9f99a116e10ae08665db2ac6161478b235402a4325fca3967fef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 04:54:31 GMT
expires: Fri, 29 Dec 2023 04:54:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 83cf72080aa38c89 Show response
www.freedidi.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6691 0
556 B 25ms
23ms XHR
text/plain 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freedidi.com/cdn-cgi/challenge-platform/h/g/jsd/r/83cf72080aa38c89
Requested by: Host: www.freedidi.com
URL: https://www.freedidi.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Dec 2023 04:54:31 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIqoU5NX%2Be7jR7FjJoWwzwTwj9oEgWfFWs2nSC2qba0aMk5gAGqzey8gO3obYiolp%2FKR4tVWr5W2xkKT0s6mxMvom4pnSJ1T%2FZFIgECYXAsWs9MyV8s1MTYF72yC2kgi7Yaw5dv4vUQEoiJ%2FZak%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 83cf720e485941df-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame F7CC 196 KB
56 KB 89ms
16ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=600&slotname=8121676132&adk=1871830121&adf=2363148817&pi=t.ma~as.8121676132&w=220&fwrn=4&fwrnh=100&lmt=1703823125&rafmt=1&format=220x600&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703825670963&bpp=1&bdt=447&idt=278&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x590&nras=1&correlator=876683534106&frm=20&pv=1&ga_vid=780049610.1703825671&ga_sid=1703825671&ga_hid=830999351&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1340&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C95320884&oid=2&pvsid=1847314782874931&tmod=1403364271&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=283

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 22 Dec 2023 20:11:10 GMT
age: 549801
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 21 Dec 2024 20:11:10 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame F7CC 15 KB
5 KB 118ms
45ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 23 Dec 2023 00:00:36 GMT
age: 536035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 22 Dec 2024 00:00:36 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame F7CC 95 KB
29 KB 114ms
41ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 23 Dec 2023 05:20:38 GMT
age: 516833
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 22 Dec 2024 05:20:38 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame F7CC 5 KB
2 KB 112ms
40ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 23 Dec 2023 07:38:24 GMT
age: 508567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 22 Dec 2024 07:38:24 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame F7CC 40 KB
13 KB 108ms
37ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 23 Dec 2023 16:05:30 GMT
age: 478141
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 22 Dec 2024 16:05:30 GMT

GET
DATA 200
OK truncated
/ Frame F7CC 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e04d59b6414d076dc9f4c00daad1a2b7225767e2f09f9a0afc099e293efce41

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Grammar_check_Animated_4__1_.gif
tpc.googlesyndication.com/sadbundle/2106353951716554142/ Frame F7CC 40 KB
41 KB 26ms
7ms Image
image/gif 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2106353951716554142/Grammar_check_Animated_4__1_.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ce7b25cdce25699bdf4d8f7a4b099782ed5db3ba8367854bbaec7a5d7d415a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 26 Dec 2024 04:36:15 GMT
date: Wed, 27 Dec 2023 04:36:15 GMT
x-content-type-options: nosniff
age: 173896
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41318
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 23:11:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 zh_cn.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F7CC 3 KB
3 KB 27ms
9ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_cn.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b287987abdcc38e98f8d96f5fcff98d98460c0002b2fec0f0b625b77f2948055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:21:04 GMT
x-content-type-options: nosniff
server: cafe
age: 12807
etag: 12051390396603846657
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3217
x-xss-protection: 0
expires: Sat, 30 Dec 2023 01:21:04 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F7CC 344 B
474 B 26ms
8ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:03:50 GMT
x-content-type-options: nosniff
server: cafe
age: 31841
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Fri, 29 Dec 2023 20:03:50 GMT

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame FFB7 9 KB
4 KB 68ms
19ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=590&slotname=8860042738&adk=3730733119&adf=140651668&pi=t.ma~as.8860042738&w=1180&cr_col=4&cr_row=2&fwrn=2&lmt=1703823125&rafmt=9&format=1180x590&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&ea=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703825670961&bpp=2&bdt=445&idt=268&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=876683534106&frm=20&pv=1&ga_vid=780049610.1703825671&ga_sid=1703825671&ga_hid=830999351&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=3138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C95320884&oid=2&pvsid=1847314782874931&tmod=1403364271&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 22 Mar 2024 03:56:39 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FFB7 2 KB
903 B 14ms
6ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:57:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 17:57:32 GMT

GET
H2 200 50459845d1cbd526a76ea757de42d266.js Show response
www.gstatic.com/mysidia/ Frame FFB7 23 KB
10 KB 65ms
18ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/50459845d1cbd526a76ea757de42d266.js?tag=exit_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 498510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9842
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 22 Mar 2024 10:26:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame FFB7 23 KB
9 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 17:07:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FFB7 3 KB
1 KB 5ms
3ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 17:07:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FFB7 20 KB
9 KB 13ms
5ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 17:07:20 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FFB7 203 KB
65 KB 96ms
37ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 04:54:31 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5425271705813892699/ Frame FFB7 49 KB
49 KB 5ms
4ms Image
image/jpeg 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5425271705813892699/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d6314629d72c154c855b64ae523badd743cfeeece9d5f0a31a65eff7eb5878b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 26 Dec 2024 01:21:14 GMT
date: Wed, 27 Dec 2023 01:21:14 GMT
x-content-type-options: nosniff
age: 185597
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50355
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 20:55:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/14930764146640671789/ Frame FFB7 126 KB
126 KB 6ms
6ms Image
image/jpeg 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14930764146640671789/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a57de6b380adbfe9c4a974f0164544c006afbce844bbae6fdb2b98f6fbd768b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 25 Dec 2024 12:31:08 GMT
date: Tue, 26 Dec 2023 12:31:08 GMT
x-content-type-options: nosniff
age: 231803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129331
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 15:58:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame FFB7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e63cec15757c256f17497b2d20747a0f3c8b56717dae9f4829c0485ed842a066

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012310301456000/ 23 KB
8 KB 13ms
12ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-host-v0.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02980cbd7a7a4e5fd4959cc281ee86d9d737f6257ab80c8f3b85a5eef9c31ddc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 22 Dec 2023 15:57:59 GMT
age: 564992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7813
x-xss-protection: 0
server: sffe
etag: "1d4497e3d264bf30"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 21 Dec 2024 15:57:59 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FFB7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C1Oi8B1GOZYKwEKeA3rsPjpemsAjdrq2IdcKCz8uhEdrZHhABIOHv_ngoAmDJxqmLwKTYD6AB6f31zwPIAQaoAwHIAwKqBO4BT9ClV02rX-rhGHcsaqjftmbuppIFLxkXxFy5nb-DQONoyvm...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xaa226f381c91c6980000000000000000%22,%222%22:%220xb6cb5d3a5e2b4f2d0000000000000000%22,%223%22:%220xaf1009...

0
0

71ms
44ms

Fetch
text/css

172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xaa226f381c91c6980000000000000000%22,%222%22:%220xb6cb5d3a5e2b4f2d0000000000000000%22,%223%22:%220xaf100929bce22fdc0000000000000000%22,%224%22:%220xba92ac2ba00961a00000000000000000%22,%225%22:%220xef2f8374b7c9e5a80000000000000000%22},%22debug_key%22:%229740412030026218999%22,%22debug_reporting%22:true,%22destination%22:%22https://favoritesearches.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%2222%22:[%22true%22],%224%22:[%2212-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214184815870890241857%22}&andc=true

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:32 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xaa226f381c91c6980000000000000000","2":"0xb6cb5d3a5e2b4f2d0000000000000000","3":"0xaf100929bce22fdc0000000000000000","4":"0xba92ac2ba00961a00000000000000000","5":"0xef2f8374b7c9e5a80000000000000000"},"debug_key":"9740412030026218999","debug_reporting":true,"destination":"https://favoritesearches.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"22":["true"],"4":["12-29"],"6":["true"]},"priority":"500","source_event_id":"14184815870890241857"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 29 Dec 2023 04:54:32 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 29 Dec 2023 04:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xaa226f381c91c6980000000000000000","2":"0xb6cb5d3a5e2b4f2d0000000000000000","3":"0xaf100929bce22fdc0000000000000000","4":"0xba92ac2ba00961a00000000000000000","5":"0xef2f8374b7c9e5a80000000000000000"},"debug_key":"9740412030026218999","debug_reporting":true,"destination":"https://favoritesearches.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"22":["true"],"4":["12-29"],"6":["true"]},"priority":"500","source_event_id":"14184815870890241857"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FFB7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C4Vm7B1GOZYKwEKeA3rsPjpemsAjptafqcczbzav7EGQQAiDh7_54KAJgycapi8Ck2A-gAZW2r54DyAEGqAMByAMCqgTwAU_Q-Fhmq1zq4Rh3LGqo37Zm7qaSBS8ZF8RcuZ2_g0DjaMr5oUf...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x27d32e7ab032ff4f0000000000000000%22,%222%22:%220x2e8a7875f50f78560000000000000000%22,%223%22:%220xc296c6...

0
0

73ms
44ms

Fetch
text/css

172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x27d32e7ab032ff4f0000000000000000%22,%222%22:%220x2e8a7875f50f78560000000000000000%22,%223%22:%220xc296c6bb5d6686340000000000000000%22,%224%22:%220xf48bab78522225400000000000000000%22,%225%22:%220x920936928a76ffa0000000000000000%22},%22debug_key%22:%2212614604685715945510%22,%22debug_reporting%22:true,%22destination%22:%22https://avast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22868997909%22],%2222%22:[%22true%22],%224%22:[%2212-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217149421164512247617%22}&andc=true

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:32 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x27d32e7ab032ff4f0000000000000000","2":"0x2e8a7875f50f78560000000000000000","3":"0xc296c6bb5d6686340000000000000000","4":"0xf48bab78522225400000000000000000","5":"0x920936928a76ffa0000000000000000"},"debug_key":"12614604685715945510","debug_reporting":true,"destination":"https://avast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["868997909"],"22":["true"],"4":["12-29"],"6":["true"]},"priority":"500","source_event_id":"17149421164512247617"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 29 Dec 2023 04:54:32 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 29 Dec 2023 04:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x27d32e7ab032ff4f0000000000000000","2":"0x2e8a7875f50f78560000000000000000","3":"0xc296c6bb5d6686340000000000000000","4":"0xf48bab78522225400000000000000000","5":"0x920936928a76ffa0000000000000000"},"debug_key":"12614604685715945510","debug_reporting":true,"destination":"https://avast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["868997909"],"22":["true"],"4":["12-29"],"6":["true"]},"priority":"500","source_event_id":"17149421164512247617"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F7CC 0
23 B 52ms
51ms Image
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNDlYB1GOZZiAEsbDxtYPieOGiA__wsSIdeeSq-q8Eb__uePXAhABIOHv_nhgycapi8Ck2A-gAf_bisgDyAEJqAMByAMIqgTpAU_Q-yN28rJPufStxsoCdqTn9Oe3rfdgAQNb0kiBRESbi9YO6Bk-BWxldlQjjq9rXDfZRCff2b3SBNf31KfrmFjH2gqJJ0GVigWxZYaQIWdg6y3QQFfe48-xrhJSGhlCEKOPkdmwNbiO_aJjixp94rJXMSKY8w8CKlxVxdkeRplZfSGqiQ9dcx5fgIA7Vb8x0AhMWmokwoQavrdNTqhx3j9mlkPWKmZ476o3O1zKMCuqSeJ3A7EN-maOOEQA9VyWmuN5s4ADrW_TbztLKUFVn1PfFliZhkSQoYtA_nk4WAjtKQx4udMmGB2OwAS_xvaWuwOIBZS_hJgskgUECAQYAZIFBAgFGASgBi6AB9HbraICqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQi5IR0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOljF65Wf7bODA5oJjgFodHRwczovL3d3dy5ncmFtbWFybHkuY29tL2E_dXRtX21lZGl1bT1jcGMmdXRtX3NvdXJjZT1nZG4mdXRtX2NhbXBhaWduPTExODYxNTY1MzMyJnV0bV9jb250ZW50PTY0MjQxNjY5MDI4MSZ1dG1fdGVybT13d3cuZnJlZWRpZGkuY29tJmRldmljZT1jgAoByAsBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxAtoMEAoKEPCby-HFure1bRICAQPYEwuIFAHQFQGAFwGyFxwKGggAEhRwdWItMzkwNzI2MDYyODE1MjgxOBgA&sigh=FR6DEDRZnp4&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSGwAvHhf_oXANvixJ9X1ORg5gHp8BDg91YVY2tRgB&template_id=419&cbvp=2

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3907260628152818&output=html&h=600&slotname=8121676132&adk=1871830121&adf=2363148817&pi=t.ma~as.8121676132&w=220&fwrn=4&fwrnh=100&lmt=1703823125&rafmt=1&format=220x600&url=https%3A%2F%2Fwww.freedidi.com%2F9982.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703825670963&bpp=1&bdt=447&idt=278&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1180x590&nras=1&correlator=876683534106&frm=20&pv=1&ga_vid=780049610.1703825671&ga_sid=1703825671&ga_hid=830999351&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1340&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C95320884&oid=2&pvsid=1847314782874931&tmod=1403364271&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 29 Dec 2023 04:54:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 29 Dec 2023 04:54:32 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 91ms
43ms Preflight
text/html 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 29 Dec 2023 04:54:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 88ms
42ms Preflight
text/html 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 29 Dec 2023 04:54:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 45ms
45ms Image
image/gif 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=8.570410106221358

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NsSqmsZM_7y7lRAWZuXQCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-NsSqmsZM_7y7lRAWZuXQCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 44ms
44ms Image
image/gif 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=2.7434840357703028

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9hcMXvGom1cW9VCfEsGJrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-9hcMXvGom1cW9VCfEsGJrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXJU8-jH-sCP9NxSLLZR0C_17FqOyGZBeVVSkIIDFFf3oxyEegbwG-fYeUa4QVZ1CDbx6p31TcRbFjZWFxOuidx2PZ6fnVSEg4d33YpRx6nQU1YcqnhX5YqCQLdMAk2ZbttfodT9w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 71ms
43ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXJU8-jH-sCP9NxSLLZR0C_17FqOyGZBeVVSkIIDFFf3oxyEegbwG-fYeUa4QVZ1CDbx6p31TcRbFjZWFxOuidx2PZ6fnVSEg4d33YpRx6nQU1YcqnhX5YqCQLdMAk2ZbttfodT9w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TiHLN_F3dxOIR4V77xZC0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Dec 2023 04:54:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-TiHLN_F3dxOIR4V77xZC0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.freedidi.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 35ms
35ms XHR
application/json 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

167568ed44ca0bd07fce71d3d71265ffa12334366a1cec3166558346027d546c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12209
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 34ms
34ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51ebbf675367a7d314d11c55b8faf3bb3a867ae5ae460aaa827ba83803b97b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56001
x-xss-protection: 0
server: cafe
etag: 2271962874441362495
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 04:54:32 GMT

GET
H3 200 ca-pub-3907260628152818 Show response
fundingchoicesmessages.google.com/i/ 182 KB
60 KB 56ms
56ms Script
application/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3907260628152818?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fa1be0fb5b47a37ae08f2e1c92051d2a3ceea00d1915b5a33ac6f19bf80097c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-yC5_C_bLGPYyYxIH2wuCKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-yC5_C_bLGPYyYxIH2wuCKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 rum Show response
www.freedidi.com/cdn-cgi/ 0
142 B 6ms
5ms XHR
text/plain 2606:4700:20::681a:52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.freedidi.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:52 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.freedidi.com/9982.html
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Fri, 29 Dec 2023 04:54:32 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.freedidi.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 83cf7213dd7041df-EWR

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 23ms
23ms Image
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759875%2C44759926%2C44759837%2C31079437%2C95320884&hl=zh-CN&pvc=1847314782874931

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 04:54:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
35ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Dec 2023 04:54:32 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 0AC9 9 KB
4 KB 13ms
12ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 16311
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 00:22:41 GMT
etag: 5585625838579639069
expires: Fri, 12 Jan 2024 00:22:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9CD3 13 KB
5 KB 8ms
7ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 7747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 02:45:25 GMT
expires: Sat, 28 Dec 2024 02:45:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6969 829 B
1 KB 84ms
40ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

451f143b689a77af9581f47b6ca7536d56c515a49fc0c78cb086c97debd3890c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TyfxqqtozsqMUOm4GPIN-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.freedidi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-TyfxqqtozsqMUOm4GPIN-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 04:54:32 GMT
expires: Fri, 29 Dec 2023 04:54:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ Frame 0AC9 4 KB
767 B 19ms
19ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Dec 2023 04:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 03:18:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Dec 2023 04:54:32 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0AC9 205 B
519 B 14ms
12ms Image
image/png 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 20:11:11 GMT
x-content-type-options: nosniff
age: 549801
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 21 Dec 2024 20:11:11 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0AC9 604 B
696 B 14ms
13ms Image
image/png 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 11:53:01 GMT
x-content-type-options: nosniff
age: 493291
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 22 Dec 2024 11:53:01 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 0AC9 16 KB
7 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 12:37:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 12:37:17 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 0AC9 22 KB
9 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 12:37:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 12:37:17 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9CD3 39 KB
15 KB 4ms
3ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 02:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Dec 2024 02:22:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 759A 2 KB
480 B 20ms
19ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Dec 2023 04:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 04:05:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Dec 2023 04:54:32 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 759A 2 KB
822 B 4ms
4ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:57:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39420
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 17:57:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 759A 23 KB
9 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 17:07:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 759A 3 KB
1 KB 5ms
3ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 17:07:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 759A 20 KB
8 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 17:07:20 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 759A 203 KB
64 KB 52ms
51ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 04:54:32 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 759A 37 KB
15 KB 14ms
13ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 11:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Mar 2024 11:46:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6969 0
0 25ms
25ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1847314782874931&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 79E8 51 KB
19 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: www.freedidi.com
URL: https://www.freedidi.com/9982.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 216385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 16:48:07 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9CD3 0
10 B 4ms
3ms Image
text/plain 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vYgaLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 frontale. Show response
fundingchoicesmessages.google.com/f/AGSKWxVnnmBumRvr6GxkqOp59XGl0e4ykGevkN4LkqhllnqEe6RGf44Fnlg6MkbxfMGlB0xoWoKMr8VuU2o093Y3OJAXT7QBJH3N8xisDpabwE4q4jjt0kZT8kMwEHpcXRUn7P7FJB-PtCHNyPm5zJ1GZNYBtPMMG... 54 B
109 B 46ms
46ms Script
application/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVnnmBumRvr6GxkqOp59XGl0e4ykGevkN4LkqhllnqEe6RGf44Fnlg6MkbxfMGlB0xoWoKMr8VuU2o093Y3OJAXT7QBJH3N8xisDpabwE4q4jjt0kZT8kMwEHpcXRUn7P7FJB-PtCHNyPm5zJ1GZNYBtPMMGl7G5DTJcarKx5kqJBZuuQS4z4_2F3Ap/_/square-ad._link_ads-_ad3./sponslink_/nb/frontale.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMz3yAw6EdmQsjd3aj68pMJW_AFq6g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b19117c47f0075f53d47620ceda1115e1032e6e7105a3d74171772237e4d2b91

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-5w06rBe9Kw5RI_gPd7WHCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-5w06rBe9Kw5RI_gPd7WHCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 30 KB
11 KB 4ms
3ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19d44854a4b979ec52fc326e1ba83ee2d8a3882dcbdf4c9ad74470eefce4e5f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:21:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11389
x-xss-protection: 0
server: cafe
etag: 13573587406519424940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 05:21:30 GMT

POST
H3 204 AGSKWxXJU8-jH-sCP9NxSLLZR0C_17FqOyGZBeVVSkIIDFFf3oxyEegbwG-fYeUa4QVZ1CDbx6p31TcRbFjZWFxOuidx2PZ6fnVSEg4d33YpRx6nQU1YcqnhX5YqCQLdMAk2ZbttfodT9w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 44ms
44ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXJU8-jH-sCP9NxSLLZR0C_17FqOyGZBeVVSkIIDFFf3oxyEegbwG-fYeUa4QVZ1CDbx6p31TcRbFjZWFxOuidx2PZ6fnVSEg4d33YpRx6nQU1YcqnhX5YqCQLdMAk2ZbttfodT9w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BdaJbLu6aUUEmkYGDax3TA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Dec 2023 04:54:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-BdaJbLu6aUUEmkYGDax3TA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.freedidi.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXJU8-jH-sCP9NxSLLZR0C_17FqOyGZBeVVSkIIDFFf3oxyEegbwG-fYeUa4QVZ1CDbx6p31TcRbFjZWFxOuidx2PZ6fnVSEg4d33YpRx6nQU1YcqnhX5YqCQLdMAk2ZbttfodT9w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 45ms
44ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXJU8-jH-sCP9NxSLLZR0C_17FqOyGZBeVVSkIIDFFf3oxyEegbwG-fYeUa4QVZ1CDbx6p31TcRbFjZWFxOuidx2PZ6fnVSEg4d33YpRx6nQU1YcqnhX5YqCQLdMAk2ZbttfodT9w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uzCE6L8Ww026rJIBI7md0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Dec 2023 04:54:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-uzCE6L8Ww026rJIBI7md0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.freedidi.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXJU8-jH-sCP9NxSLLZR0C_17FqOyGZBeVVSkIIDFFf3oxyEegbwG-fYeUa4QVZ1CDbx6p31TcRbFjZWFxOuidx2PZ6fnVSEg4d33YpRx6nQU1YcqnhX5YqCQLdMAk2ZbttfodT9w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 44ms
44ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXJU8-jH-sCP9NxSLLZR0C_17FqOyGZBeVVSkIIDFFf3oxyEegbwG-fYeUa4QVZ1CDbx6p31TcRbFjZWFxOuidx2PZ6fnVSEg4d33YpRx6nQU1YcqnhX5YqCQLdMAk2ZbttfodT9w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DYfXJG5lTjpbrtNNJNHy9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Dec 2023 04:54:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DYfXJG5lTjpbrtNNJNHy9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.freedidi.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXJU8-jH-sCP9NxSLLZR0C_17FqOyGZBeVVSkIIDFFf3oxyEegbwG-fYeUa4QVZ1CDbx6p31TcRbFjZWFxOuidx2PZ6fnVSEg4d33YpRx6nQU1YcqnhX5YqCQLdMAk2ZbttfodT9w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 44ms
43ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXJU8-jH-sCP9NxSLLZR0C_17FqOyGZBeVVSkIIDFFf3oxyEegbwG-fYeUa4QVZ1CDbx6p31TcRbFjZWFxOuidx2PZ6fnVSEg4d33YpRx6nQU1YcqnhX5YqCQLdMAk2ZbttfodT9w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_fYc4MR0N0-iMK9mds7RCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Dec 2023 04:54:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-_fYc4MR0N0-iMK9mds7RCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.freedidi.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWVpP4t2dp5DkFPV6L0F40ME5nU34PMlxeMhopyGjxRv4M8dFegwbziNKt5cgCt_Vbvm4C0A2l2VAPRF3xgS2LDgHXv_d7t9URk66TyN-iOAnVzwte-N7QEQm0SJ_JQMh71Xxc3UA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
1 KB 59ms
59ms Script
application/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWVpP4t2dp5DkFPV6L0F40ME5nU34PMlxeMhopyGjxRv4M8dFegwbziNKt5cgCt_Vbvm4C0A2l2VAPRF3xgS2LDgHXv_d7t9URk66TyN-iOAnVzwte-N7QEQm0SJ_JQMh71Xxc3UA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzODI1NjcyLDk0MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmZyZWVkaWRpLmNvbS85OTgyLmh0bWwiLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzE4LCJbW1swXV1dIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0bacaaa61a210a1bd3f1fbd7de6a1ce8efa6f94a923e9ea568450535848ca95f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a-N36XMmzpVMr_rK8UAAZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-a-N36XMmzpVMr_rK8UAAZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F7CC 42 B
64 B 26ms
25ms Image
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaSpV24XUyiWMwwHEuAnagZnceyHn8-j6-yKs6_dOoa3v2EFn7V9CBeCLnHmZ7LTyt6VAu5xRaAE99YSTRs2EHGjZqOk7kqokucpSmyrQIyeFVy3fqSCblMmOknnFU9yvUrDLeCAsouqVgj6eWvxLN247w&sai=AMfl-YQ8UQtTZIWXXW3ITvbraG7iaAII_pQ4S9c45bj02DiAqZByWsqLktaIRnz1iBbvTrfGzZsQ2dDFcyhI&sig=Cg0ArKJSzCfJ3bYnHASYEAE&cid=CAQSGwAvHhf_oXANvixJ9X1ORg5gHp8BDg91YVY2tRgB&id=ampim&o=1340,170&d=220,440&ss=1600,1200&bs=1600,1200&mcvt=1007&mtos=0,0,1007,1007,1007&tos=0,0,1007,0,0&tfs=262&tls=1269&g=100&h=100&tt=1269&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 04:54:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUVSTQ_NYmooDTzMYlelfFr_LCQd0v_2XFTIZ6V_nOZhUkc91b1BGulxDm2PaoiZojfbCB5EWxgHvt8Gy1w6jUa6oPNiWMco2tW-8_u-1WNjiyIH6BpDv71jom_sG-Vjibn1Hp7lA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 55ms
54ms Script
application/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUVSTQ_NYmooDTzMYlelfFr_LCQd0v_2XFTIZ6V_nOZhUkc91b1BGulxDm2PaoiZojfbCB5EWxgHvt8Gy1w6jUa6oPNiWMco2tW-8_u-1WNjiyIH6BpDv71jom_sG-Vjibn1Hp7lA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzODI1NjczLDgwMDAwMDBdLG51bGwsbnVsbCxudWxsLFtudWxsLFs3LDYsOV0sbnVsbCwyLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmZyZWVkaWRpLmNvbS85OTgyLmh0bWwiLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzE4LCJbW1swXV1dIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

49341455181bb800950071dfa5dd2fbfeca392febe6abfb8bd9e975f46a5c505

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qW1HtQtLLGSByZwn8_s5pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 04:54:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-qW1HtQtLLGSByZwn8_s5pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXW1z4V0-OYX7YtNFKGMbNWCQLjBCCYSyD4APRhnmrwtDABYXMY4uyE-6KJzKOaWyui_G2uL1pYgy6AWUHZQlyGEzZKKV9FN5AADaUXSVvMzUv6_SjgEUoPPgz30c_Ntl8Q358-hw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 44ms
43ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXW1z4V0-OYX7YtNFKGMbNWCQLjBCCYSyD4APRhnmrwtDABYXMY4uyE-6KJzKOaWyui_G2uL1pYgy6AWUHZQlyGEzZKKV9FN5AADaUXSVvMzUv6_SjgEUoPPgz30c_Ntl8Q358-hw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ggTPrrgUdOtwTHBrKGlY3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Dec 2023 04:54:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-ggTPrrgUdOtwTHBrKGlY3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.freedidi.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXJU8-jH-sCP9NxSLLZR0C_17FqOyGZBeVVSkIIDFFf3oxyEegbwG-fYeUa4QVZ1CDbx6p31TcRbFjZWFxOuidx2PZ6fnVSEg4d33YpRx6nQU1YcqnhX5YqCQLdMAk2ZbttfodT9w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 42ms
42ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXJU8-jH-sCP9NxSLLZR0C_17FqOyGZBeVVSkIIDFFf3oxyEegbwG-fYeUa4QVZ1CDbx6p31TcRbFjZWFxOuidx2PZ6fnVSEg4d33YpRx6nQU1YcqnhX5YqCQLdMAk2ZbttfodT9w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fpx_lwly68d9myFIPgBOuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.freedidi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Dec 2023 04:54:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fpx_lwly68d9myFIPgBOuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.freedidi.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 25ms
25ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1847314782874931&bg=!RUalRgnNAAY3kmNgF5I7ADQBe5WfONBz8_gR5F2ATZ3zJwqs6XY123MaoX7CdinslYP7hwvTayFfP1re0oDFWfxk1wXBAgAAALFSAAAAAmgBBwoAhYHwdPvS_t0L3jNi_Fkq8GvqexNXhRV8nRTB-JJ6SHwqujFAj1APEoMwDsYpZjU8ELWVz-O-gN4NTdFXrtRtJY3xtsxtjiWjEfLZvZoyV7ZF_TbGohmfIR9Ukl5jTbLLMtnbnVg7zntwnX82Yir7uJYiCmVCXsYDA5lUqy-vyOODeRcl0yCZAwgsM2NABEPEYdavMBvFX0EH2qDjYboZnthWAwGI0fULAj-5h9-05cJCvdY-712FTmaRc4ZvwWYMPqIyZohMVCtaw_hYIcu-dt1m4EAL9GYHkvL-GEkGvRVXpBChc6trp1MK3MihgwH13JxUqGHHB5odrMLrDw4TDZ6t0c_F-powN2aMopLXGHFPGwPEJsYIGO65YIvi6PFizRIp7NOx6cYx8gW2m-3jOkJ8N2_wLAHVpnZQXq14ofnnlq7nOMcYkkFTOP6kG5gbmjmz3he2s9Mj1jVt0GhNFt4-iqnNG1m9Mopca0R2QB9dg0_Yfom14HswmN8PkoZ9cctGAuMSpz4-0pNFrHVQFhYzQyMmah6Mj9i4DQUYLn5exZKNwc48In32r8CEozBe_gFSih3Pzbcsk2obJ2es47C-jCh0GlCXWjPC24QLIDjHzbImmYjH37pMoS1_e56JHnyFxuDTnr8YRU1cy13Sml3nKV49oRMGKSXwQCAm2ixa4iLzwG7P8MoXhqcHr0HB310T24GSop5e6_ge57OazvFTfcJY7THDg-SKar1cYDj4SKEShMc_PVqgp4I3YCInYI74LW5S78Hgy5Rwp0htQBrfWZQ1ldXDJzC6Gzj0jRFYc5D0qt3rPKyV_JkEhDku9UH8xsAleV4NbPEC7QfTYLT6l8-9fzcYCk1VotvAsWdfVzqCXJDFpUV3acC9_caAEqiMGNtgtnMTUrxfLbX00jMifItkpB1KGGEHD4BjQTgvuk5s6fTdC-abPj32GTDTV6-Uvp3rGIqtTfmvEU8IPz4H46c-MqgjI2dFkKTjnz-RFSQrFSO44ThM4knXa4P2thiUcFmzbB1sq3Y92dJ8XGu2pDo5iwnmEttUMVIhmsBtZlZXoaE3C8BUgs4ucbAiNUhygU4VB3xNqyq8M-c1c-TOla_r6QAPpm38tJ19mtHGCJjq2X19qDzLNcR6_PfpGHH18NIAFHGmk-k1GpQtHaNGxT57GmqJuWq4xEVCibvEPcPVdj6rQB8ccz__5iMaSQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freedidi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.freedidi.com/	1970-01-21 02:02:41	Name: cf_clearance Value: F84BxEYnYEE6CfwTAeF1C6l8UIDvjR8ffc39kpaC_3c-1703825671-0-2-5be55ce1.cc58f8b9.ed6ff1b3-0.2.1703825671
.freedidi.com/	1970-01-21 02:38:41	Name: __gads Value: ID=eecb66dcfc1175c7:T=1703825671:RT=1703825671:S=ALNI_Ma0MJEzl8RhWDlt4bT7R2KrhOdCdQ
.freedidi.com/	1970-01-21 02:38:41	Name: __gpi Value: UID=00000daf4d003b3d:T=1703825671:RT=1703825671:S=ALNI_MbTHm1IL4E7yUG8CIt8xmCC9qk_Xg
.doubleclick.net/	1970-01-21 02:53:05	Name: IDE Value: AHWqTUnBvRmA0R5lGbNjlYLishKy4r-4pq9YuE5H1nL-EFNPJsYR661YhTwNeNQ6DMk
.googleadservices.com/	1970-01-20 19:26:41	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 17:17:06	Name: test_cookie Value: CheckForPermission
.freedidi.com/	1970-01-21 02:02:41	Name: FCNEC Value: %5B%5B%22AKsRol-DFCj4rllfk5mCM5niwS4HecxMGADvxHEyacv3w57Smfy7Y0qfJ7bX_-kw5G-qdkiGrvDImvCR-2hSsJ3kzL1OnUPBnLzsK1cWimJDZSZwPbbAFpUOn4IITJgCLvlGKSYVwBZgwbgL0_nYdWAaJ5Cqg5FJWw%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
static.cloudflareinsights.com
tpc.googlesyndication.com
www.ahwei.link
www.freedidi.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
172.217.13.162
2606:4700:20::681a:52
2606:4700::6810:3865
2607:f8b0:4006:809::2002
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80f::2001
2607:f8b0:4020:804::2002
2607:f8b0:4020:804::200e
2607:f8b0:4020:806::2001
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::2003
2607:f8b0:4020:807::2004
54.67.42.145
02980cbd7a7a4e5fd4959cc281ee86d9d737f6257ab80c8f3b85a5eef9c31ddc
053f8e07a56575734b3e376a4398321767f5d29953e0d42992328e42b155e748
070e0b7bab0c14229c36c2471906abb72eb9996772cf271e83ab85ec4c4ac70e
089253e7cbb4519bfd3fbd4362018b9b60cbbdad59eb458e080d913bd609b01f
0b5da448cf6d21c91e38ccdb7aaaee83c560c308bc22896ddc306a64766e0f66
0bacaaa61a210a1bd3f1fbd7de6a1ce8efa6f94a923e9ea568450535848ca95f
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
13e5952182fa19577d83c1858ce1a771342ee7aa64ca6eaa411cb8e2c302f791
167568ed44ca0bd07fce71d3d71265ffa12334366a1cec3166558346027d546c
169129c84912473c3eea8cb0783089f986648c26f879f25caf12b9933feedebe
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
19d44854a4b979ec52fc326e1ba83ee2d8a3882dcbdf4c9ad74470eefce4e5f1
1b91fec19f11ef218903a68021aa6b55478e75240f6f7852602d63077e3348b3
1e0a52e09f6a82103811fb05011f1487605df55d406ecaad89c68999d67f8ae0
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
254d80a49d0c9fced2fd0c272e7b868ca726df8189dc9c5735c56a33e7853dfc
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
298052dbec4eb0570e729c73bfa01034954d6c9f112ace92a55d367b932c0ba0
2bd3a68b4a16420c317af1cb6d1624eddb0ae1eb7044f0c6d95579eb5d6643e8
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
363998745ac9f99a116e10ae08665db2ac6161478b235402a4325fca3967fef3
38f8ac0374c2bb1477727fda495437bb1093ebc4ea905138540bbaa35f5dbf6f
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3c7b3ed32991df7fecd94925de903446f7c1257bfeb042cb0b798749e242c559
3ce7b25cdce25699bdf4d8f7a4b099782ed5db3ba8367854bbaec7a5d7d415a2
3dc0bc2b534e4bde8b4eba93fe618d4c13250708d8236979ea7a1aed051b4a35
3e042723e769b7fb1ce1611948e8d568581aac38ee21c44896d1ac430b454d54
3e0d206383593c6a65df277c26e7ff38ec7273b2ac5958a51cda444202427204
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
451f143b689a77af9581f47b6ca7536d56c515a49fc0c78cb086c97debd3890c
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
49341455181bb800950071dfa5dd2fbfeca392febe6abfb8bd9e975f46a5c505
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f0eb978add69be94d793fad4adf6f51e827dc388cb5042dce2e8bfd8810a13b
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
51ebbf675367a7d314d11c55b8faf3bb3a867ae5ae460aaa827ba83803b97b8e
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
56827563224805984bf17e7cdc536d05ba2fc9e969426508a4d0772c8a6d83cc
5a65b0ca177f1c0433c0ead611692521c23e6668846a2861fedc09ae11416ffc
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d6314629d72c154c855b64ae523badd743cfeeece9d5f0a31a65eff7eb5878b
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628e67872505d5c4a47de882844a6c7af2923f9c486a95faab3114499f04da67
63b67dc2449b77021edac9985e599c47578d649d8303330812510422bbd0221d
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6e04d59b6414d076dc9f4c00daad1a2b7225767e2f09f9a0afc099e293efce41
74e902da7510e538e4949ad6e725dcf9e987381e9b2b565b9249c659e85f9d0c
814e3cdad59610fb46160dc8695198f003b3932fac3e14671efd32eff5d15b0b
8315926271732f097bfa8aa96f8132b40f0a038b24ebd0d0b6b35c05423eaf91
837ab14bf00664ef0349917ae297de643e6db03ecac082270c09cc26178c3d7b
85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8fa1be0fb5b47a37ae08f2e1c92051d2a3ceea00d1915b5a33ac6f19bf80097c
9169d8be7a8177e5a92a4d04b6de7f6504b938573bf4da5889871c4f376d3849
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9a57de6b380adbfe9c4a974f0164544c006afbce844bbae6fdb2b98f6fbd768b
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
a3323050ebf52eb4c5c2423504a753d0f9c5c9fb711a78fbb0c3bf6065343af5
b19117c47f0075f53d47620ceda1115e1032e6e7105a3d74171772237e4d2b91
b287987abdcc38e98f8d96f5fcff98d98460c0002b2fec0f0b625b77f2948055
b2d31599822dae1353d655633c6dbd9454ef2138d172798f4a91119eedd6d89d
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
bc5cb6b617fe0620b3ddcbe396776094fbc6e1f074001acb4b6da3a7607c8769
c243166b4e1f3fee93083bce5af424556466416e607317ed3faf2984395a58fc
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf4285c04e1f1cccedc0999a665ea1aba54b2e95f247c35e4b883c37c0525610
d731d7dc602d6386b68ab417632c047e3307366a91b7a5bdefc38b9ce82f6eb9
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
e63cec15757c256f17497b2d20747a0f3c8b56717dae9f4829c0485ed842a066
e88d00da89f0f486d9d18addabae7a20a74ca61e0907186dae22e485883c9a95
eaa75f3ae369c70a57e27b87baa8388ca4ccae41ea479aa90b92cb32edb018f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f134232a9a19dd6ab40fd09f335cb368f4441e2573462dea23b6201274d0b70b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1

www.freedidi.com Open in urlscan Pro 2606:4700:20::681a:52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

115 Requests

97 %HTTPS

86 %IPv6

11 Domains

14 Subdomains

14 IPs

2 Countries

2138 kBTransfer

4504 kBSize

7 Cookies

10 Outgoing links

Page URL History

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.freedidi.com Open in urlscan Pro
2606:4700:20::681a:52 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

97 %
HTTPS

86 %
IPv6

11
Domains

14
Subdomains

14
IPs

2
Countries

2138 kB
Transfer

4504 kB
Size

7
Cookies

115 HTTP transactions
2 data transactions