www.rubyfortune.com Open in urlscan Pro
104.18.89.101 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rubyfortune.com/
Effective URL:
https://www.rubyfortune.com/de/
Submission Tags: tranco_l324
Submission: On November 21 via api (November 21st 2021, 11:47:09 am UTC) from DE — Scanned from DE

Summary HTTP 64 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 19 domains to perform 64 HTTP transactions. The main IP is 104.18.89.101, located in and belongs to CLOUDFLARENET, US. The main domain is www.rubyfortune.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2021. Valid for: a year.

This is the only time www.rubyfortune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 37	104.18.89.101 104.18.89.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	104.18.16.170 104.18.16.170	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4557	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.31.220.156 185.31.220.156	34738 (WHL-ASN) (WHL-ASN)
1	104.18.171.226 104.18.171.226	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::6815:3366	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:29e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:4bce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:ec3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:fc3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28d::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
64	20

37 104.18.89.101 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

rubyfortune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.rubyfortune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pop.rubyfortune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.16.170 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.rechannelapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4557 (United States)

ASN13335 (CLOUDFLARENET, US)

dm.imagethumb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.31.220.156 (Belize)

ASN34738 (WHL-ASN, BZ)

www.spingamespalace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.171.226 (None, )

ASN13335 (CLOUDFLARENET, US)

www.spincasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:3366 (United States)

ASN13335 (CLOUDFLARENET, US)

www.clubonlinegaming.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:29e6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.goluckynugget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:4bce (United States)

ASN13335 (CLOUDFLARENET, US)

www.luckyslotsnugget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ec3 (United States)

ASN13335 (CLOUDFLARENET, US)

tpg.lobbycontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:fc3 (United States)

ASN13335 (CLOUDFLARENET, US)

bre.lobbycontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28d::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	rubyfortune.com 3 redirects rubyfortune.com www.rubyfortune.com pop.rubyfortune.com	594 KB
5	rechannelapi.com 1 redirects www.rechannelapi.com	2 KB
4	google-analytics.com www.google-analytics.com	40 KB
3	lobbycontent.com tpg.lobbycontent.com bre.lobbycontent.com	12 KB
3	jsdelivr.net cdn.jsdelivr.net	11 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	googletagmanager.com www.googletagmanager.com	89 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	typekit.net p.typekit.net	162 B
1	cloudflare.com cdnjs.cloudflare.com	5 KB
1	luckyslotsnugget.com www.luckyslotsnugget.com	634 B
1	goluckynugget.com www.goluckynugget.com	635 B
1	clubonlinegaming.com www.clubonlinegaming.com	632 B
1	spincasino.com www.spincasino.com	477 B
1	spingamespalace.com www.spingamespalace.com	154 B
1	imagethumb.com dm.imagethumb.com	1 KB
1	google.de www.google.de	501 B
1	google.com www.google.com	501 B
1	doubleclick.net stats.g.doubleclick.net	445 B
64	19

	Domain	Requested by
20	www.rubyfortune.com	1 redirects www.rubyfortune.com
15	pop.rubyfortune.com	www.rubyfortune.com pop.rubyfortune.com
5	www.rechannelapi.com	1 redirects www.rubyfortune.com www.rechannelapi.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com pop.rubyfortune.com
3	cdn.jsdelivr.net	www.rubyfortune.com pop.rubyfortune.com
2	bre.lobbycontent.com	pop.rubyfortune.com
2	fonts.googleapis.com	pop.rubyfortune.com
2	www.googletagmanager.com	www.rubyfortune.com pop.rubyfortune.com
2	rubyfortune.com	2 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	p.typekit.net	pop.rubyfortune.com
1	tpg.lobbycontent.com	pop.rubyfortune.com
1	cdnjs.cloudflare.com	pop.rubyfortune.com
1	www.luckyslotsnugget.com	www.rechannelapi.com
1	www.goluckynugget.com	www.rechannelapi.com
1	www.clubonlinegaming.com	www.rechannelapi.com
1	www.spincasino.com	www.rechannelapi.com
1	www.spingamespalace.com	www.rechannelapi.com
1	dm.imagethumb.com	www.googletagmanager.com
1	www.google.de	www.rubyfortune.com
1	www.google.com	www.rubyfortune.com
1	stats.g.doubleclick.net	www.google-analytics.com
64	22

This site contains links to these domains. Also see Links.

Domain
auth.rubyfortune.com
www.buffalopartners.com
playersupportcentre.com
vip.thepalacegroup.com
www.authorisation.mga.org.mt
secure.ecogra.org
www.begambleaware.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
spinpalacegames.com R3	`2021-10-20` - `2022-01-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-16` - `2022-07-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.rubyfortune.com/de/
Frame ID: 996A90341EF737077439C280F0F3B6BB
Requests: 28 HTTP requests in this frame

Frame: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
Frame ID: 649165CDF6526A9972E8BD725332D529
Requests: 27 HTTP requests in this frame

Frame: https://www.rechannelapi.com/media.html
Frame ID: 310762B9EE0950A2F49215F273588A0C
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Auf hochwertige Onlinespiele freuen | Ruby Fortune™ Online Casino

Page URL History Show full URLs

http://rubyfortune.com/ HTTP 301
https://rubyfortune.com/ HTTP 301
https://www.rubyfortune.com/ HTTP 301
https://www.rubyfortune.com/de/ Page URL

Page Statistics

64
Requests

100 %
HTTPS

80 %
IPv6

19
Domains

22
Subdomains

20
IPs

5
Countries

802 kB
Transfer

1621 kB
Size

12
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://auth.rubyfortune.com/de/registration/?promoid=451&s=rftypeintraffic&a=rftypeintraffic&sessionvisitid=ea8bf5f7-e152-4370-9519-409b4556b3f1
Title: 1. Bonus Erste Einzahlung: 100% Bonus bis zu 250€ 2. Bonus Zweite Einzahlung: 100% Bonus bis zu 250€ 3. Bonus Dritte Einzahlung: 100% Bonus bis zu 250€

Search URL Search Domain Scan URL

URL: https://auth.rubyfortune.com/de/login/?promoid=451&s=rftypeintraffic&a=rftypeintraffic&sessionvisitid=ea8bf5f7-e152-4370-9519-409b4556b3f1
Title: Login

Search URL Search Domain Scan URL

URL: https://www.buffalopartners.com/
Title: Partnerprogramm

Search URL Search Domain Scan URL

URL: https://playersupportcentre.com/rfc/de/rtp/
Title: Auszahlungsprozentsätze

Search URL Search Domain Scan URL

URL: http://vip.thepalacegroup.com/deutsch/
Title: VIP

Search URL Search Domain Scan URL

URL: https://www.authorisation.mga.org.mt/verification.aspx?lang=de&company=5ab337cc-9171-4de8-8e35-f50d52557016

Search URL Search Domain Scan URL

URL: https://secure.ecogra.org/certification/24a9536f-6f30-4d66-b07e-35b4448666f6

Search URL Search Domain Scan URL

URL: https://www.begambleaware.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rubyfortune.com/ HTTP 301
https://rubyfortune.com/ HTTP 301
https://www.rubyfortune.com/ HTTP 301
https://www.rubyfortune.com/de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://www.rechannelapi.com/ HTTP 302
https://www.rechannelapi.com/media.html

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.rubyfortune.com/de/
Redirect Chain

http://rubyfortune.com/
https://rubyfortune.com/
https://www.rubyfortune.com/
https://www.rubyfortune.com/de/

128 KB
23 KB

2791ms
2790ms

Document
text/html

104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

997540c1e9aa3e510f2b7a075e08b3b94ebdb3b350ede4aea039039a4b727e74

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=Edge
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b19ae4ceef1360d-MAN
content-encoding: gzip

Redirect headers

date: Sun, 21 Nov 2021 11:47:01 GMT
content-type: text/html; charset=utf-8
cache-control: private
location: /de/
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b19ae4b5cac360d-MAN

GET
H2 200 GetResource.ashx
www.rubyfortune.com/CMSPages/ 496 B
435 B 201ms
200ms Stylesheet
text/css 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rubyfortune.com/CMSPages/GetResource.ashx?stylesheetname=rfc_modals-base

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e47a42d5d5f19bdbeeeada6b2bbd6ee28e44ddbc24d7eae87a23d0c8852ad0a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
content-encoding: gzip
etag: W/"cssstylesheet|3e6edb90-372b-44b1-b380-462295cd8f41"
cf-cache-status: DYNAMIC
last-modified: Fri, 07 May 2021 06:44:09 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, must-revalidate
content-disposition: attachment; filename="rfc_modals-base.css"
cf-ray: 6b19ae5e7b10360d-MAN
expires: Sun, 21 Nov 2021 11:47:04 GMT

GET
H2 200 GetResource.ashx
www.rubyfortune.com/CMSPages/ 28 KB
6 KB 200ms
198ms Stylesheet
text/css 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rubyfortune.com/CMSPages/GetResource.ashx?stylesheetname=rfc_tailwindcss_purged

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6d414a5c6d11d1e6fe24e49538dab9ef8bdc50b5ba373a8f50ccbd2f0f854979

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
content-encoding: gzip
etag: W/"cssstylesheet|2c478796-ea60-472d-89f9-d2b15f1d96af"
cf-cache-status: DYNAMIC
last-modified: Thu, 29 Jul 2021 13:39:51 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, must-revalidate
content-disposition: attachment; filename="rfc_tailwindcss_purged.css"
cf-ray: 6b19ae5e7b12360d-MAN
expires: Sun, 21 Nov 2021 11:47:04 GMT

GET
H2 200 GetResource.ashx
www.rubyfortune.com/CMSPages/ 4 KB
804 B 203ms
201ms Stylesheet
text/css 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rubyfortune.com/CMSPages/GetResource.ashx?stylesheetname=rfc_tailwindcss_rtl

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

91fc06dfd3d7f3060d6148ec39e9f6adf5002614fb137a78d1ea67cb28e36db1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
content-encoding: gzip
etag: W/"cssstylesheet|2c51cddf-a6a1-4c50-8fac-244940a6f076"
cf-cache-status: DYNAMIC
last-modified: Thu, 29 Jul 2021 10:51:32 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, must-revalidate
content-disposition: attachment; filename="rfc_tailwindcss_rtl.css"
cf-ray: 6b19ae5e7b14360d-MAN
expires: Sun, 21 Nov 2021 11:47:04 GMT

GET
H2 200 GetResource.ashx
www.rubyfortune.com/CMSPages/ 454 B
446 B 206ms
204ms Stylesheet
text/css 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rubyfortune.com/CMSPages/GetResource.ashx?stylesheetname=rfc_accordions-base

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

65a329b8b4afef1675f9e26b4ce4de5d5d36529c45d8a4d0f4137829c5e65bd6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
content-encoding: gzip
etag: W/"cssstylesheet|f03f59ef-0b02-4de7-97b8-bc6e75d2bd16"
cf-cache-status: DYNAMIC
last-modified: Mon, 31 May 2021 07:22:09 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, must-revalidate
content-disposition: attachment; filename="rfc_accordions-base.css"
cf-ray: 6b19ae5e7b15360d-MAN
expires: Sun, 21 Nov 2021 11:47:04 GMT

GET
H2 200 GetResource.ashx
www.rubyfortune.com/CMSPages/ 199 B
307 B 200ms
199ms Stylesheet
text/css 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rubyfortune.com/CMSPages/GetResource.ashx?_webparts=1720

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

dc01ebf58a2be9acd3256d9c6ba04eb05c91243166cf61d87ce7e688e0518db0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
content-encoding: gzip
etag: W/"webpart|CountryPop"
cf-cache-status: DYNAMIC
last-modified: Mon, 25 Oct 2021 13:54:48 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, must-revalidate
content-disposition: attachment; filename="CountryPop.css"
cf-ray: 6b19ae5e7b16360d-MAN
expires: Sun, 21 Nov 2021 11:47:04 GMT

GET
H2 200 GetResource.ashx
www.rubyfortune.com/CMSPages/ 418 B
451 B 207ms
206ms Stylesheet
text/css 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rubyfortune.com/CMSPages/GetResource.ashx?_webpartlayouts=684

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

cf9c3d272eff7ce5423c70ec0efc7afccadf453d16c3d3b219ea03f49568ef61

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
content-encoding: gzip
etag: W/"webpartlayout|8f83069b-5f76-400c-b2ad-ff6264ce2d4f"
cf-cache-status: DYNAMIC
last-modified: Tue, 12 Oct 2021 16:24:29 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, must-revalidate
content-disposition: attachment; filename="CountryPop_CountryPop.css"
cf-ray: 6b19ae5e7b17360d-MAN
expires: Sun, 21 Nov 2021 11:47:04 GMT

GET
H2 200 WebResource.axd Show response
www.rubyfortune.com/ 23 KB
5 KB 131ms
130ms Script
application/x-javascript 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rubyfortune.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZOTrtu3bhbQP9chZDab6T3T6rpswiAn_48uhi_cxqxLvNMyaTui3c8d2zcm5Ahj9CA2&t=637461053481343508

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 13 Jan 2021 01:29:08 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public
cf-ray: 6b19ae5e7b18360d-MAN
expires: Mon, 21 Nov 2022 10:44:46 GMT

GET
H2 200 ScriptResource.axd Show response
www.rubyfortune.com/ 100 KB
25 KB 208ms
208ms Script
application/x-javascript 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rubyfortune.com/ScriptResource.axd?d=NJmAwtEo3Ipnlaxl6CMhvoy67p3qE3k42XFApznJi2W3UkfFBBRMeqc-lFV2cQU5ndvUZYZDGyLGGzy7kPfmDfWzEnj7T_O-WV2t2hR9XkuYRI-pVjmwQe3MimJCkpDncoHE_DJ3s1b1xE3p7gBTx4rW8TdHynrlXB1uuk5GcHo1&t=2fe674eb

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Sun, 21 Nov 2021 10:44:46 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public
cf-ray: 6b19ae5e7b19360d-MAN
content-length: 25609
expires: Mon, 21 Nov 2022 10:44:46 GMT

GET
H2 200 ScriptResource.axd Show response
www.rubyfortune.com/ 39 KB
10 KB 480ms
480ms Script
application/x-javascript 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rubyfortune.com/ScriptResource.axd?d=dwY9oWetJoJoVpgL6Zq8OMKmQqyWLfY_N9kzpd1JIUsGWJun3qCLNH6b5kr5mNGIQZ0kvySaYOXd0xRfy-AsbRPJWKGdkQZeNa_kbDVxlOAjB17FLC9mQnMUUJeqFR6CUPaCYDYzQHfVFgs_xzWSvI1hzgMIivuPEA3OMf-L2mA1&t=2fe674eb

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Sun, 21 Nov 2021 10:44:46 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public
cf-ray: 6b19ae5e7b1d360d-MAN
content-length: 9984
expires: Mon, 21 Nov 2022 10:44:46 GMT

GET
H2 200 offerbreakdown_logo.png
www.rubyfortune.com/rubyfortune.com/media/rfc_media_library/pops/ 13 KB
13 KB 40ms
40ms Image
image/png 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rubyfortune.com/rubyfortune.com/media/rfc_media_library/pops/offerbreakdown_logo.png

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

64b6493631fb2fe6e8f5b1e7ee423aac2029f6a9ce2ae72d2b98a32009b4df1e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
cf-cache-status: HIT
age: 49
x-powered-by: ASP.NET
content-length: 12939
last-modified: Tue, 22 Jun 2021 09:53:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "fc80b9684c67d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b19ae5fdd09360d-MAN
expires: Sun, 21 Nov 2021 15:47:04 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 127 KB
45 KB 330ms
24ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KKJXLR

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b157a85a5ff8d533c2850091a7f1e516ba0d326126c106fe143156efcdd6755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45201
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Nov 2021 11:47:04 GMT

GET
H2 200 logo.png
www.rubyfortune.com/rubyfortune.com/media/rfc_media_library/header/ 5 KB
5 KB 43ms
43ms Image
image/png 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rubyfortune.com/rubyfortune.com/media/rfc_media_library/header/logo.png

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f5a967e3f0ea6446511b885e8151de75bb005a6509e15496dc2f78920674af6c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
cf-cache-status: HIT
age: 49
x-powered-by: ASP.NET
content-length: 5030
last-modified: Fri, 18 Jun 2021 07:23:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1f8261cb1264d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b19ae60ae50360d-MAN
expires: Sun, 21 Nov 2021 15:47:04 GMT

GET
H2 200 hero_1920.jpg
www.rubyfortune.com/rubyfortune.com/media/rfc_media_library/offer_area/ 93 KB
93 KB 38ms
38ms Image
image/jpeg 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rubyfortune.com/rubyfortune.com/media/rfc_media_library/offer_area/hero_1920.jpg

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d5385b52dd2d581c03c3fcbeaaa1688e912fc7cd66ea49484e7f561509dae489

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 49
x-powered-by: ASP.NET
last-modified: Fri, 18 Jun 2021 07:23:11 GMT
content-length: 95197
cf-bgj: h2pri
server: cloudflare
etag: "a7b9a7cb1264d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b19ae60ce80360d-MAN
expires: Sun, 21 Nov 2021 15:47:04 GMT

GET
H2 200 hero_1920_slots.jpg
www.rubyfortune.com/rubyfortune.com/media/rfc_media_library/offer_area/ 147 KB
147 KB 52ms
51ms Image
image/jpeg 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rubyfortune.com/rubyfortune.com/media/rfc_media_library/offer_area/hero_1920_slots.jpg

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6956df54356280da020ec11b587be5a4f24fbdfd0355d604856646a202781dae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 49
x-powered-by: ASP.NET
last-modified: Fri, 18 Jun 2021 07:23:12 GMT
content-length: 150155
cf-bgj: h2pri
server: cloudflare
etag: "ca11b6cb1264d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b19ae60ce81360d-MAN
expires: Sun, 21 Nov 2021 15:47:04 GMT

GET
H2 200 placeholder.png
www.rubyfortune.com/rubyfortune.com/media/rfc_media_library/ 95 B
198 B 59ms
58ms Image
image/png 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rubyfortune.com/rubyfortune.com/media/rfc_media_library/placeholder.png

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
cf-cache-status: HIT
age: 49
x-powered-by: ASP.NET
content-length: 95
last-modified: Tue, 22 Jun 2021 09:22:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d7a4ba1a4867d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b19ae60ce83360d-MAN
expires: Sun, 21 Nov 2021 15:47:04 GMT

GET
H2 200 intersection-observer.js Show response
cdn.jsdelivr.net/npm/intersection-observer@0.7.0/ 22 KB
7 KB 125ms
31ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/intersection-observer@0.7.0/intersection-observer.js

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dc6d2d43514d1d8956877d1f2ef347cd5abdb8ecf8e47aba59d87b8a6da49bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2300397
x-jsd-version: 0.7.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19136-FRA, cache-mxp6933-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"57ad-m3EaUx6495LHE8zS0+QpFP8kqM0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6b19ae61cb823747-MXP

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@17.3.1/dist/ 7 KB
3 KB 126ms
32ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@17.3.1/dist/lazyload.min.js

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6a23e6a3399b52a5576c28b2236b48953949793fc17f2c733d35b084d7a0085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2300405
x-jsd-version: 17.3.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19158-FRA, cache-mxp6982-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1d61-wcBCP//7m5LJeuNOb3Rtiff9UGo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6b19ae61cb843747-MXP

GET
H2 200 device_fingerprint.js Show response
www.rubyfortune.com/CMSScripts/Custom/ 36 KB
9 KB 58ms
58ms Script
application/javascript 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rubyfortune.com/CMSScripts/Custom/device_fingerprint.js

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

5953bbb53c110ec77851885b2a67d1f7093ff9dcd893a7a1331c3cd9bea72746

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 49
x-powered-by: ASP.NET
content-length: 9043
last-modified: Wed, 06 Oct 2021 08:42:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0d886158ebad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b19ae613f3a360d-MAN
expires: Sun, 21 Nov 2021 15:47:04 GMT

GET
H2 200 / Show response
pop.rubyfortune.com/blockpop/rubyfortune/ Frame 6491 9 KB
3 KB 1418ms
1404ms Document
text/html 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
Requested by: Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5c8e3ad52167a2c84340a4576d0b7ee6274400796edfb232eef244a4f6c6d554

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/

Response headers

date: Sun, 21 Nov 2021 11:47:05 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b19ae61d810360d-MAN
content-encoding: gzip

GET
H2

200

media.html Show response
www.rechannelapi.com/ Frame 3107
Redirect Chain

https://www.rechannelapi.com/
https://www.rechannelapi.com/media.html

182 B
269 B

149ms
148ms

Document
text/html

104.18.16.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rechannelapi.com/media.html
Requested by: Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 046950cf8c0971520a1dd22270bfe2c0314814aea7fa49ab0d2ad2c9597b8a97

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
content-type: text/html
last-modified: Fri, 26 Mar 2021 08:33:46 GMT
x-correlation-id: 51ed3150-fe61-48f2-ac8c-80a4781bb8b6
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b19ae632dc735d7-MAN
content-encoding: gzip

Redirect headers

date: Sun, 21 Nov 2021 11:47:04 GMT
content-type: text/html
location: /media.html
x-correlation-id: 2922ff43-5bfc-42d8-8e66-3ccec6f4ea6d
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b19ae622ca535d7-MAN

POST
H2 200 / Show response
www.rubyfortune.com/api/casinoprogressive/counters/ 14 KB
2 KB 132ms
131ms XHR
application/json 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rubyfortune.com/api/casinoprogressive/counters/

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

60234babe159bcce71bf84e13d48229da2513012608b8f7f7129e9b7f0081c5d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.rubyfortune.com/de/
api-key: 8513a494-f3bb-45d7-8347-a2b252c0b38b
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
cf-ray: 6b19ae62086a360d-MAN

POST
H2 200 DeviceFingerprintCookieLookup Show response
www.rubyfortune.com/api/CrossDomainAutoLogin/ 41 B
123 B 781ms
780ms XHR
application/json 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rubyfortune.com/api/CrossDomainAutoLogin/DeviceFingerprintCookieLookup

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/CMSScripts/Custom/device_fingerprint.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

588f97bb2abc9970e55b97498247b054823139e87e8c44e1fd22cb108b87593b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.rubyfortune.com/de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 Nov 2021 11:47:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
cf-ray: 6b19ae637a65360d-MAN
content-length: 41

GET
H2 200 box_games.jpg
www.rubyfortune.com/rubyfortune.com/media/rfc_media_library/content_blocks/ 114 KB
114 KB 43ms
42ms Image
image/jpeg 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rubyfortune.com/rubyfortune.com/media/rfc_media_library/content_blocks/box_games.jpg?ext=.jpg

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b039bcb5c57eaa75a9c4ccc3193f5b06c4dc00599253467cb474dc9caa483526

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 47
x-powered-by: ASP.NET
last-modified: Mon, 12 Jul 2021 08:39:51 GMT
content-length: 116488
cf-bgj: h2pri
server: cloudflare
etag: "237287bf976d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b19ae638a93360d-MAN
expires: Sun, 21 Nov 2021 15:47:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 38ms
9ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKJXLR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2757
date: Sun, 21 Nov 2021 11:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 21 Nov 2021 13:01:07 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 18ms
17ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=654101426&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rubyfortune.com%2Fde%2F&dp=%2Fde&ul=en-us&de=UTF-8&dt=Auf%20hochwertige%20Onlinespiele%20freuen%20%7C%20Ruby%20Fortune%E2%84%A2%20Online%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=55557013&gjid=117964101&cid=516238194.1637495225&tid=UA-46028713-14&_gid=1628934500.1637495225&_r=1&gtm=2wgba1KKJXLR&cd51=brand&cd58=de-DE&cd61=ea8bf5f7-e152-4370-9519-409b4556b3f1&cd68=null&cd70=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&cd73=2021-11-21T11%3A47%3A04.881%2B00%3A00&cd74=&cd75=&cd83=RFTYPEINTRAFFIC&cd84=RFTYPEINTRAFFIC&cd85=No%20Visit%20Data%20Found&cd86=RFC&cd91=brand&cd97=bereichern%20sie%20ihr%20leben%20mit%20luxuri%C3%B6sen%20spielen%2C%20glanz%20%26%20glamour%20sowie%20gro%C3%9Fen%20gewinnchancen.%20casinospiele%20%26%20hochwertige%20angebote%20bei%20ruby%20fortune%E2%84%A2%20onl&cd98=mlt%2Fmit&cd62=516238194.1637495225&z=1577875026

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rubyfortune.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:47:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rubyfortune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 65ms
21ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-46028713-14&cid=516238194.1637495225&jid=55557013&gjid=117964101&_gid=1628934500.1637495225&_u=YEBAAEAAAAAAAC~&z=1316634772

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rubyfortune.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 21 Nov 2021 11:47:05 GMT
content-type: text/plain
access-control-allow-origin: https://www.rubyfortune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 media.js Show response
www.rechannelapi.com/js/ Frame 3107 2 KB
1 KB 47ms
47ms Script
application/javascript 104.18.16.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rechannelapi.com/js/media.js
Requested by: Host: www.rechannelapi.com
URL: https://www.rechannelapi.com/media.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61290357f9802af6ac82887832d157b255dbc6beefd55216bc00f446efbea4f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rechannelapi.com/media.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cf-ray: 6b19ae643f5f35d7-MAN
date: Sun, 21 Nov 2021 11:47:05 GMT
x-correlation-id: 89264ed1-0d16-4a22-bf0d-3f0e42bd5b29
cf-cache-status: HIT
last-modified: Fri, 26 Mar 2021 08:33:46 GMT
server: cloudflare
age: 48
etag: W/"1d7221abca2d8fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
content-encoding: gzip
expires: Sun, 21 Nov 2021 15:47:05 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 59ms
32ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-46028713-14&cid=516238194.1637495225&jid=55557013&_u=YEBAAEAAAAAAAC~&z=413906339

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:47:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 56ms
32ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-46028713-14&cid=516238194.1637495225&jid=55557013&_u=YEBAAEAAAAAAAC~&z=413906339

Requested by

Host: www.rubyfortune.com
URL: https://www.rubyfortune.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 11:47:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 domains Show response
www.rechannelapi.com/api/telemetry/ Frame 3107 675 B
309 B 183ms
183ms XHR
application/json 104.18.16.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rechannelapi.com/api/telemetry/domains
Requested by: Host: www.rechannelapi.com
URL: https://www.rechannelapi.com/js/media.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f462f48000a98262e1408df9145f897f5f1a19f0fcf5a86d18196784faa1b12a

Request headers

Referer: https://www.rechannelapi.com/media.html
X-Domain-For-Test: www.rubyfortune.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
x-correlation-id: 6430952b-f20f-4d3a-bb21-bffca259b5a2
cf-ray: 6b19ae648fc935d7-MAN

GET
H2 200 gtm-global.js Show response
dm.imagethumb.com/gtm/shared/ 2 KB
1 KB 271ms
213ms Script
application/x-javascript 2606:4700:20::ac43:4557
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dm.imagethumb.com/gtm/shared/gtm-global.js?v=21102021_0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKJXLR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0e043cedcf425272f6b4eba8af74f4d731f8f8da9334a1be02f1a34d18604c10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rubyfortune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 11 Mar 2019 12:05:06 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"427397aa2d8d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cN1t%2BYFCiggYog4S6Ct1tJ%2F37BIVQon%2BUbzDxp6FZ7YXg6zJbULlCXfGFDXhFUXUgZ1ZPmtbpGCl1%2FzZgCi3uBnEgC3RbRvMHPMfmZvdZWqgwgO6oBJW5Xqk22dvJH%2BtcjJU%2BxIi6yfpWnvx6kZc"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b19ae654c4b5a25-MXP

GET
H/1.1 200
OK version Show response
www.spingamespalace.com/api/telemetry/ Frame 3107 51 B
154 B 154ms
41ms XHR
application/json 185.31.220.156
WHL-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.spingamespalace.com/api/telemetry/version
Requested by: Host: www.rechannelapi.com
URL: https://www.rechannelapi.com/js/media.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.31.220.156 , Belize, ASN34738 (WHL-ASN, BZ),
Reverse DNS
Software: /
Resource Hash: 40812f6fbe2244f3b749b1d7b73f5c2166c95e91db8febe82ce34e95c1a29c70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rechannelapi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Content-Length: 51
Content-Type: application/json

GET
H2 200 version Show response
www.spincasino.com/api/telemetry/ Frame 3107 51 B
477 B 205ms
141ms XHR
application/json 104.18.171.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.spincasino.com/api/telemetry/version
Requested by: Host: www.rechannelapi.com
URL: https://www.rechannelapi.com/js/media.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.171.226 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40812f6fbe2244f3b749b1d7b73f5c2166c95e91db8febe82ce34e95c1a29c70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rechannelapi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
access-control-allow-origin: *
cf-ray: 6b19ae661917cddf-CDG

GET
H2 200 version Show response
www.clubonlinegaming.com/api/telemetry/ Frame 3107 51 B
632 B 225ms
169ms XHR
application/json 2606:4700:3032::6815:3366
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clubonlinegaming.com/api/telemetry/version
Requested by: Host: www.rechannelapi.com
URL: https://www.rechannelapi.com/js/media.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3366 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40812f6fbe2244f3b749b1d7b73f5c2166c95e91db8febe82ce34e95c1a29c70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rechannelapi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7FINngeUArwVCDOH0LyvjciXbWx0ix8dk8sl1yYmXjAjO6WEyZ1jQNQJtcXwCD2gp2f0QIZ3y5NZP2EoAqLEpVQu1GQgsstR%2FPeWvgF2hW%2F5jcL5Eh5xLdngigueztM1%2FDHpiOsBVU7DjVjdChjdCjUoFgJVVYY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 6b19ae660b9e0f72-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 version Show response
www.goluckynugget.com/api/telemetry/ Frame 3107 51 B
635 B 258ms
191ms XHR
application/json 2606:4700:3033::6815:29e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.goluckynugget.com/api/telemetry/version
Requested by: Host: www.rechannelapi.com
URL: https://www.rechannelapi.com/js/media.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:29e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40812f6fbe2244f3b749b1d7b73f5c2166c95e91db8febe82ce34e95c1a29c70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rechannelapi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyVqKJCYRC4tlH8mFGj2B94LCLNp%2FzhdghVi780LHYFgeAXKj1N0kbo9ul%2FWHv8tgqCUS7u2dxGyQ%2BLvTecoysMz42AcgQeO6yDAfcnPOi2xZYOkPwEW%2Bb7CJtVXpJI2H4Yy%2BWd8fKVn9WtnU%2BxPeqKZT%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 6b19ae66193a5a13-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 version Show response
www.luckyslotsnugget.com/api/telemetry/ Frame 3107 51 B
634 B 269ms
206ms XHR
application/json 2606:4700:3033::6815:4bce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.luckyslotsnugget.com/api/telemetry/version
Requested by: Host: www.rechannelapi.com
URL: https://www.rechannelapi.com/js/media.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40812f6fbe2244f3b749b1d7b73f5c2166c95e91db8febe82ce34e95c1a29c70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.rechannelapi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XaOYEZbLOsHtRVW2RTL6P0JPjRZyEc9mw7uAZaxgLcHnfNzxo%2B0wtyrA26UGiv9uLzap8%2FmM4xtmoGlzODCr1lthFW%2B0IGw%2FnJ9JoH%2F%2FtWuyuc9uJuTom37dnO9J7wtZatU7NT2LitqiO1yVAp1dAHl7g01wew%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 6b19ae661e4259dd-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 store Show response
www.rechannelapi.com/api/telemetry/ Frame 3107 41 B
157 B 206ms
206ms XHR
application/json 104.18.16.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rechannelapi.com/api/telemetry/store
Requested by: Host: www.rechannelapi.com
URL: https://www.rechannelapi.com/js/media.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 350061cfa8a8ab84d156d446b7352700659ae50bdd43e3570426e411d0721d0a

Request headers

Referer: https://www.rechannelapi.com/media.html
X-Domain-For-Test: www.rubyfortune.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 Nov 2021 11:47:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
x-correlation-id: b9d897c3-6f30-44c1-860b-06008e71bf1a
cf-ray: 6b19ae676c0335d7-MAN

GET
H2 200 css
fonts.googleapis.com/ Frame 6491 5 KB
1 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Requested by

Host: pop.rubyfortune.com
URL: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62bd7091eeb23e4141a0eb78186579f42b66d1ed8508e0e65bfe3675fc27fce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 10:21:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 21 Nov 2021 11:47:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Nov 2021 11:47:06 GMT

GET
H3 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ Frame 6491 2 KB
1 KB 58ms
33ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2300414
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19162-FRA, cache-mxp6924-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6b19ae6acdd50e02-MXP

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 6491 70 KB
5 KB 75ms
26ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 388007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4216
timing-allow-origin: *
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4N0A95fBB4CdQcVZtsXR7R4qfBNx1K%2FPNM0xIPyNSDHemgK%2B3DAEzUjM84cVtArqKLmDWAlET9RMq%2FeRZJ%2Biq7UjSDJMChzQz67NHX9io3p1rLgG2wCuvxAtWy%2F7%2BLcbwTsNCFitzcWT%2FfjaPhkJzoT"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b19ae6afe150f56-MXP
expires: Fri, 11 Nov 2022 11:47:06 GMT

GET
H2 200 style.css
pop.rubyfortune.com/Content/css/app/ Frame 6491 57 KB
13 KB 154ms
151ms Stylesheet
text/css 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pop.rubyfortune.com/Content/css/app/style.css
Requested by: Host: pop.rubyfortune.com
URL: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5c032c81a410541f7bae764f0447d0b4d5662388049bbf406ad12c0e36612a05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 02 Nov 2021 10:24:02 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "0d5fc1d3cfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b19ae6abce9360d-MAN
content-length: 13172
expires: Sun, 21 Nov 2021 15:47:06 GMT

GET
H2 200 ie-styles.css
pop.rubyfortune.com/Content/css/app/ Frame 6491 4 KB
1 KB 146ms
143ms Stylesheet
text/css 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pop.rubyfortune.com/Content/css/app/ie-styles.css
Requested by: Host: pop.rubyfortune.com
URL: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e72b6cc1476a6b1cfba289f00e0161591c3db4bb3c208b8fc808c4041e9dff18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 02 Nov 2021 10:24:02 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "0d5fc1d3cfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b19ae6abcf0360d-MAN
content-length: 1282
expires: Sun, 21 Nov 2021 15:47:06 GMT

GET
H2 200 styles.css
pop.rubyfortune.com/App_Themes/RFC/css/ Frame 6491 1 KB
573 B 153ms
151ms Stylesheet
text/css 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pop.rubyfortune.com/App_Themes/RFC/css/styles.css
Requested by: Host: pop.rubyfortune.com
URL: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 461f27cde0212c610b6de2ed6d441b8838aa154e8c4a60cb62c96184b8b5ca74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 02 Nov 2021 10:24:01 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "8076c6c0d3cfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b19ae6abcf6360d-MAN
content-length: 469
expires: Sun, 21 Nov 2021 15:47:06 GMT

GET
H2 200 modernizr Show response
pop.rubyfortune.com/bundles/ Frame 6491 22 KB
10 KB 156ms
154ms Script
text/javascript 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pop.rubyfortune.com/bundles/modernizr?v=w9fZKPSiHtN4N4FRqV7jn-3kGoQY5hHpkwFv5TfMrus1
Requested by: Host: pop.rubyfortune.com
URL: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4a87e4d5a949776e0197b33dbb1806748cacda1aa2afb4c2bbd7da8e6aa71fe8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Sun, 21 Nov 2021 11:47:06 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public
cf-ray: 6b19ae6abcfa360d-MAN
content-length: 10121
expires: Mon, 21 Nov 2022 11:47:06 GMT

GET
H2 200 rfc-logo.png
tpg.lobbycontent.com/media/ Frame 6491 5 KB
6 KB 281ms
208ms Image
image/png 2606:4700:20::681a:ec3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpg.lobbycontent.com/media/rfc-logo.png
Requested by: Host: pop.rubyfortune.com
URL: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 49d3683f083ed5cd7afc00862edc7e2c8cf15e837d20faad01e6a3001836c4ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
content-length: 5483
last-modified: Wed, 10 Oct 2018 13:52:38 GMT
server: cloudflare
etag: "be87d481a060d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FDPhwEhcxfZFmtvOfpbyrr2ZfMcBjU%2ByA%2BdaB7u56UBFwosyUboyba1l6ufLD7N%2FJqNvkOZQPdPjfBQ6c8dOXqOd3MiI2XLdUueDO6ii%2FEhBXfG0SpzPCjEl2xlnj6BDZBnP2yVstLABLgWhO%2BHvh31"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6b19ae6ca8fd5a07-MXP

GET
H2 200 betway-dark.png
bre.lobbycontent.com/media/ Frame 6491 1 KB
2 KB 257ms
198ms Image
image/png 2606:4700:20::681a:fc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bre.lobbycontent.com/media/betway-dark.png
Requested by: Host: pop.rubyfortune.com
URL: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5bea3e95cb39e2f8575d1974667e9ae7ad3030f02f7b77f404d6a0b4d7da0a8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
content-length: 1445
last-modified: Fri, 28 May 2021 14:16:51 GMT
server: cloudflare
etag: "dd6a581acc53d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGcR5dRgQm5XADFBVUE1H5PKb6N67vjIRdL27ce0YvwJy%2BphDk%2BwQOud2cZ2mfKwxk%2BkFsiQZt8pjtebUAAuJxij8Zbh3omeiWFmVye6MJ0M5NFuT18N8MuwcD%2BHaMIuwIc8HuL91vFXgFFEKB4J7vdv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6b19ae6c89343757-MXP

GET
H2 200 chat-bubble-icon.png
pop.rubyfortune.com/Content/img/ Frame 6491 474 B
545 B 145ms
144ms Image
image/png 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pop.rubyfortune.com/Content/img/chat-bubble-icon.png
Requested by: Host: pop.rubyfortune.com
URL: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 70c717d2a680c2302392f7ddd82f928137dcbc3200e35b36a681620adfcd1a56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Nov 2021 10:24:02 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "0d5fc1d3cfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b19ae6c4f47360d-MAN
content-length: 474
expires: Sun, 21 Nov 2021 15:47:06 GMT

GET
H2 200 jquery Show response
pop.rubyfortune.com/bundles/ Frame 6491 86 KB
39 KB 151ms
149ms Script
text/javascript 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pop.rubyfortune.com/bundles/jquery?v=8Oos0avDZyPg-cbyVzvkIfERIE1DGSe3sRQdCSYrgEQ1
Requested by: Host: pop.rubyfortune.com
URL: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c6c9c55306e0cc0fbd50b3488121de96630e66f6744a6538e97e982d64144889

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Sun, 21 Nov 2021 11:47:06 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public
cf-ray: 6b19ae6bae52360d-MAN
content-length: 40204
expires: Mon, 21 Nov 2022 11:47:06 GMT

GET
H2 200 jqueryval Show response
pop.rubyfortune.com/bundles/ Frame 6491 31 KB
13 KB 167ms
166ms Script
text/javascript 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pop.rubyfortune.com/bundles/jqueryval?v=S0zjY_C9SrWh_jAKguTKrt0UAVoLX4jD0DmtC1N35rA1
Requested by: Host: pop.rubyfortune.com
URL: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4875ead57cd30a8a91299fd3f632dae8e85436e269d2c38109b8b5484e92b4e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Sun, 21 Nov 2021 11:47:06 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public
cf-ray: 6b19ae6c1f05360d-MAN
content-length: 12791
expires: Mon, 21 Nov 2022 11:47:06 GMT

GET
H2 200 js Show response
pop.rubyfortune.com/bundles/ Frame 6491 2 KB
1 KB 150ms
146ms Script
text/javascript 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pop.rubyfortune.com/bundles/js?v=gNz96SJqFQ8P7NxYjni8ihyYXiM7yDxN_FW0C0GsdcE1
Requested by: Host: pop.rubyfortune.com
URL: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a6e35dfe121b122df692a4cc82a3f2286e6936b9314e2e4da6d5d978e183cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Sun, 21 Nov 2021 11:47:06 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public
cf-ray: 6b19ae6c3f27360d-MAN
content-length: 1188
expires: Mon, 21 Nov 2022 11:47:06 GMT

GET
H2 200 countdown.js Show response
pop.rubyfortune.com/dist/ Frame 6491 2 KB
817 B 142ms
139ms Script
application/javascript 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pop.rubyfortune.com/dist/countdown.js
Requested by: Host: pop.rubyfortune.com
URL: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 24fad4440a5df8d52c68b82af13035865fe5b4d6c5887b28ae9442ff235ed020

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 02 Nov 2021 10:24:03 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "80a3f7c1d3cfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b19ae6c3f30360d-MAN
content-length: 680
expires: Sun, 21 Nov 2021 15:47:06 GMT

GET
H2 200 jquery.min.js Show response
pop.rubyfortune.com/Content/js/vendor/ Frame 6491 85 KB
38 KB 170ms
167ms Script
application/javascript 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pop.rubyfortune.com/Content/js/vendor/jquery.min.js
Requested by: Host: pop.rubyfortune.com
URL: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 02 Nov 2021 10:24:02 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "0d5fc1d3cfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b19ae6c3f36360d-MAN
content-length: 38876
expires: Sun, 21 Nov 2021 15:47:06 GMT

GET
H2 200 slick.min.js Show response
pop.rubyfortune.com/Content/js/vendor/ Frame 6491 42 KB
14 KB 150ms
147ms Script
application/javascript 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pop.rubyfortune.com/Content/js/vendor/slick.min.js
Requested by: Host: pop.rubyfortune.com
URL: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 02 Nov 2021 10:24:02 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "0d5fc1d3cfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b19ae6c4f3a360d-MAN
content-length: 14341
expires: Sun, 21 Nov 2021 15:47:06 GMT

GET
H2 200 slick-init.js Show response
pop.rubyfortune.com/Content/js/ Frame 6491 2 KB
661 B 176ms
175ms Script
application/javascript 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pop.rubyfortune.com/Content/js/slick-init.js
Requested by: Host: pop.rubyfortune.com
URL: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b1b6cfa8862c9063860e07cc19b0d0578f781406383bbe9777134efe7810f8f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 02 Nov 2021 10:24:02 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "0d5fc1d3cfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b19ae6d18aa360d-MAN
content-length: 596
expires: Sun, 21 Nov 2021 15:47:06 GMT

GET
H2 200 custom-validations.js Show response
pop.rubyfortune.com/Content/js/ Frame 6491 4 KB
1 KB 160ms
159ms Script
application/javascript 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pop.rubyfortune.com/Content/js/custom-validations.js
Requested by: Host: pop.rubyfortune.com
URL: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: aabf71375805a509e7febd3e376ace8abf8ef8db6c6192e885a399cb04e82afe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 02 Nov 2021 10:24:02 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "0d5fc1d3cfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b19ae6d28b2360d-MAN
content-length: 1422
expires: Sun, 21 Nov 2021 15:47:06 GMT

GET
H2 200 app.js Show response
pop.rubyfortune.com/dist/ Frame 6491 4 KB
2 KB 164ms
163ms Script
application/javascript 104.18.89.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pop.rubyfortune.com/dist/app.js
Requested by: Host: pop.rubyfortune.com
URL: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.89.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d04d3cd719057da5be1b06a0c8e2569a76fefc17f9a8cc284f978d8625156747

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 02 Nov 2021 10:24:03 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "80a3f7c1d3cfd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b19ae6d28be360d-MAN
content-length: 1558
expires: Sun, 21 Nov 2021 15:47:06 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 6491 131 KB
45 KB 48ms
26ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5J6WJHS

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b8f77d9c9a792a421cd9a03589f73e70f946f5645b2ce23c170071acd7b8992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45748
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Nov 2021 11:47:06 GMT

GET
H2 200 p.css
p.typekit.net/ Frame 6491 5 B
162 B 66ms
23ms Stylesheet
text/css 2a02:26f0:6c00:28d::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ivl2jty&ht=tk&f=7986.7988&a=15841957&app=typekit&e=css
Requested by: Host: pop.rubyfortune.com
URL: https://pop.rubyfortune.com/Content/css/app/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H3 200 css
fonts.googleapis.com/ Frame 6491 4 KB
633 B 41ms
24ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,900&display=swap

Requested by

Host: pop.rubyfortune.com
URL: https://pop.rubyfortune.com/Content/css/app/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68caa4b24ba360d11a24204fa9888792cf475760633ee4b2c88046004d4b13c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 10:06:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 21 Nov 2021 11:47:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Nov 2021 11:47:06 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 6491 44 KB
44 KB 41ms
14ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pop.rubyfortune.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 165304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:52:02 GMT

GET
H2 200 playnow-black.png
bre.lobbycontent.com/media/ Frame 6491 3 KB
4 KB 263ms
205ms Image
image/png 2606:4700:20::681a:fc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bre.lobbycontent.com/media/playnow-black.png
Requested by: Host: pop.rubyfortune.com
URL: https://pop.rubyfortune.com/blockpop/rubyfortune/?promoid=451&s=RFTYPEINTRAFFIC&a=RFTYPEINTRAFFIC&SessionVisitId=ea8bf5f7-e152-4370-9519-409b4556b3f1&ul=DE&country=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b74cb5140e29277136f067fd09e1e299d1fed12c92dad80300b7ada1ad177191

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 11:47:06 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
content-length: 3521
last-modified: Fri, 28 May 2021 11:31:41 GMT
server: cloudflare
etag: "e7c2c27b553d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKIvdpX6F0F9xIH%2BlyA4ChZYcr67Mvu6Kxef26D90BR85aFaTtVyKbNJKCbdbw9y6t2nQnNuEnPpDzMNK%2F9WM8FpUW2LkJ1Exj%2BlF6kuAYeQzisUKeCO2bE35s89XMGa0PTmHtXgovhna2TfSGxgMKE%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6b19ae6c89353757-MXP

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 6491 49 KB
20 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5J6WJHS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2759
date: Sun, 21 Nov 2021 11:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 21 Nov 2021 13:01:07 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 6491 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=674675363&t=pageview&_s=1&dl=https%3A%2F%2Fpop.rubyfortune.com%2Fblockpop%2Frubyfortune%2F%3Fpromoid%3D451%26s%3DRFTYPEINTRAFFIC%26a%3DRFTYPEINTRAFFIC%26SessionVisitId%3Dea8bf5f7-e152-4370-9519-409b4556b3f1%26ul%3DDE%26country%3DDE&dr=https%3A%2F%2Fwww.rubyfortune.com%2F&dp=%2Fblockpop%2Frubyfortune&ul=en-us&de=UTF-8&dt=Ruby%20Fortune&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=516238194.1637495225&tid=UA-46028713-14&_gid=1628934500.1637495225&gtm=2wgba15J6WJHS&cd51=pop_blocked&cd58=de&cd61=No%20Visit%20Data%20Found&cd68=null&cd70=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&cd73=2021-11-21T11%3A47%3A06.335%2B00%3A00&cd74=promoid%3D451%26s%3DRFTYPEINTRAFFIC%26a%3DRFTYPEINTRAFFIC%26SessionVisitId%3Dea8bf5f7-e152-4370-9519-409b4556b3f1%26ul%3DDE%26country%3DDE&cd75=&cd83=RFTYPEINTRAFFIC&cd84=RFTYPEINTRAFFIC&cd85=No%20Visit%20Data%20Found&cd86=RFC&cd91=pop_blocked&cd97=pops%20for%20ruby%20fortune&cd98=mlt%2Fmit&cd62=516238194.1637495225&z=423126431

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pop.rubyfortune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 16:36:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69027
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rubyfortune.com/	1970-01-19 22:51:37	Name: __cf_bm Value: jT4dAtD.FNTF4i3qyQGYfj8eDSlhUBFCHngZAVNVe0E-1637495220-0-AXox4PNxqzy3oHlbeA2/HeCOGVr5v7kTi1VoAwAnWdGZ3qmjRiYA9/m6GPwR/Jp3Mxc+e0YM1YGnD4Js1eWZHNYZvj1Z4bmFRBb1b3o/9V+Y
.rubyfortune.com/	1969-12-31 23:59:59	Name: Visit Value: visitId%3dea8bf5f7-e152-4370-9519-409b4556b3f1%26a%3dRFTYPEINTRAFFIC%26b%3d%26eventId%3dRFTYPEINTRAFFIC%26promoId%3d451%26s%3dRFTYPEINTRAFFIC
.www.rubyfortune.com/	1969-12-31 23:59:59	Name: GA-Details Value: null
www.rubyfortune.com/	1970-01-20 07:37:11	Name: LanguageDetectionCompleted Value: true
www.rubyfortune.com/	1970-01-20 07:37:11	Name: CMSPreferredCulture Value: de-DE
www.rubyfortune.com/	1969-12-31 23:59:59	Name: CMSCsrfCookie Value: I029Dbg6RrtdNuZooJd1Skk+r8TSiA2kIMLIHuRA
www.rubyfortune.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: jt4gj4g1zqhofglvfh0qnqf2
.rechannelapi.com/	1970-01-19 22:51:37	Name: __cf_bm Value: j61uJ_crOEkF1lxOyX_U2iv1ye7jTNyuADZ9Koga9W4-1637495224-0-AYRCnFOkJbbJuRZ9j9Cx7H72VCfL1hgcy7CI0lKAvCkLstwpqURgjDTMILSlVi4xEZ5p4eamSWYfCklvTxzTBNV51liH7PIdec1s6QFJE7Ru
.rubyfortune.com/	1969-12-31 23:59:59	Name: DeviceFingerprint Value: MCx1bmRlZmluZWRDaHJvbWUgUERGIFBsdWdpbixDaHJvbWUgUERGIFZpZXdlcixOYXRpdmUgQ2xpZW50LCx1bmRlZmluZWRhcHBsaWNhdGlvbi9wZGYsYXBwbGljYXRpb24veC1nb29nbGUtY2hyb21lLXBkZixhcHBsaWNhdGlvbi94LW5hY2wsYXBwbGljYXRpb24veC1wbmFjbCwsZmFsc2UsMCxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTYuMC40NjY0LjQ1IFNhZmFyaS81MzcuMzYsZW4tVVMsZW4sOCw0LExpbnV4IHg4Nl82NCw2NzIwMCxzcmdiLE5vbmUsLHRydWUsLGZhbHNlLDAsTGludXggeDg2XzY0LGZhbHNlLHRydWUsMTIzLGNocm9tZSxmYWxzZSxmYWxzZSxmYWxzZSxmYWxzZSx0cnVlLGZhbHNlLEludGVsIElyaXMgT3BlbkdMIEVuZ2luZSwtMjI4ODY5MTAyLDdlM2M0MjdjNTUxOWEyYWM4YTg5NzE3NjY2ZjBmYTRhMjgzNzY4OTE0OWJmMWNlMTAxMTMzZWY1YjRiMjA1NWIsY3Vyc2l2ZSxtb25vc3BhY2Usc2VyaWYsc2Fucy1zZXJpZixmYW50YXN5LGRlZmF1bHQsQXJpYWwsQXJpYWwgQmxhY2ssQXJpYWwgTmFycm93LEFyaWFsIFJvdW5kZWQgTVQgQm9sZCxCb29rIEFudGlxdWEsQm9va21hbiBPbGQgU3R5bGUsQnJhZGxleSBIYW5kIElUQyxCb2RvbmkgTVQsQ2FsaWJyaSxDZW50dXJ5LENlbnR1cnkgR290aGljLENhc3VhbCxDb21pYyBTYW5zIE1TLENvbnNvbGFzLENvcHBlcnBsYXRlIEdvdGhpYyBCb2xkLENvdXJpZXIsQ291cmllciBOZXcsRW5nbGlzaCBUZXh0IE1ULEZlbGl4IFRpdGxpbmcsRnV0dXJhLEdhcmFtb25kLEdlbmV2YSxHZW9yZ2lhLEdlbnRpdW0sSGFldHRlbnNjaHdlaWxlcixIZWx2ZXRpY2EsSW1wYWN0LEpva2VybWFuLEtpbmcsS29vdGVuYXksTGF0aGEsTGliZXJhdGlvbiBTZXJpZixMdWNpZGEgQ29uc29sZSxMYWxpdCxMdWNpZGEgR3JhbmRlLE1hZ25ldG8sTWlzdHJhbCxNb2RlbmEsTW9ub3R5cGUgQ29yc2l2YSxNViBCb2xpLE9DUiBBIEV4dGVuZGVkLE9ueXgsUGFsYXRpbm8gTGlub3R5cGUsUGFweXJ1cyxQYXJjaG1lbnQsUGVyaWNsZXMsUGxheWJpbGwsU2Vnb2UgUHJpbnQsU2hydXRpLFRhaG9tYSxUZVgsVGltZXMsVGltZXMgTmV3IFJvbWFuLFRyZWJ1Y2hldCBNUyxWZXJkYW5hLFZlcm9uYSxzYW5zLXNlcmlmLXRoaW4sQVJOTyBQUk8sQWdlbmN5IEZCLEFyYWJpYyBUeXBlc2V0dGluZyxBcmlhbCBVbmljb2RlIE1TLEF2YW50R2FyZGUgQmsgQlQsQmFua0dvdGhpYyBNZCBCVCxCYXRhbmcsQml0c3RyZWFtIFZlcmEgU2FucyBNb25vLENhbGlicmksQ2VudHVyeSxDZW50dXJ5IEdvdGhpYyxDbGFyZW5kb24sRVVST1NUSUxFLEZyYW5rbGluIEdvdGhpYyxGdXR1cmEgQmsgQlQsRnV0dXJhIE1kIEJULEdPVEhBTSxHaWxsIFNhbnMsSEVMVixIYWV0dGVuc2Nod2VpbGVyLEhlbHZldGljYSBOZXVlLEh1bWFuc3Q1MjEgQlQsTGVlbGF3YWRlZSxMZXR0ZXIgR290aGljLExldmVuaW0gTVQsTHVjaWRhIEJyaWdodCxMdWNpZGEgU2FucyxNZW5sbyxNUyBNaW5jaG8sTVMgT3V0bG9vayxNUyBSZWZlcmVuY2UgU3BlY2lhbHR5LE1TIFVJIEdvdGhpYyxNVCBFeHRyYSxNWVJJQUQgUFJPLE1hcmxldHQsTWVpcnlvIFVJLE1pY3Jvc29mdCBVaWdodXIsTWluaW9uIFBybyxNb25vdHlwZSBDb3JzaXZhLFBNaW5nTGlVLFByaXN0aW5hLFNDUklQVElOQSxTZWdvZSBVSSBMaWdodCxTZXJpZmEsU2ltSGVpLFNtYWxsIEZvbnRzLFN0YWNjYXRvMjIyIEJULFRSQUpBTiBQUk8sVW5pdmVycyBDRSA1NSBNZWRpdW0sVnJpbmRhLGFjb3M6IDEuNDQ3MzU4ODY1ODI3ODUyMixhY29zaDogNzA5Ljg4OTM1NTgyMjcyNixhY29zaFBmOiAzNTUuMjkxMjUxNTAxNjQzLGFzaW46IDAuMTIzNDM3NDYwOTY3MDQ0MzUsYXNpbmg6IDAuODgxMzczNTg3MDE5NTQzLGFzaW5oUGY6IDAuODgxMzczNTg3MDE5NTQyOSxhdGFuaDogMC41NDkzMDYxNDQzMzQwNTQ4LGF0YW5oUGY6IDAuNTQ5MzA2MTQ0MzM0MDU0OCxhdGFuOiAwLjQ2MzY0NzYwOTAwMDgwNjEsc2luOiAwLjgxNzg4MTkxMjExNTkwODUsc2luaDogMS4xNzUyMDExOTM2NDM4MDE0LHNpbmhQZjogMi41MzQzNDIxMDc4NzMzMjQsY29zOiAtMC44MzkwNzE1MjkwMDk1Mzc3LGNvc2g6IDEuNTQzMDgwNjM0ODE1MjQzNyxjb3NoUGY6IDEuNTQzMDgwNjM0ODE1MjQzNyx0YW46IC0xLjQyMTQ0ODgyMzg3NDcyNDUsdGFuaDogMC43NjE1OTQxNTU5NTU3NjQ5LHRhbmhQZjogMC43NjE1OTQxNTU5NTU3NjQ5LGV4cDogMi43MTgyODE4Mjg0NTkwNDUsZXhwbTE6IDEuNzE4MjgxODI4NDU5MDQ1LGV4cG0xUGY6IDEuNzE4MjgxODI4NDU5MDQ1LGxvZzFwOiAyLjM5Nzg5NTI3Mjc5ODM3MDcsbG9nMXBQZjogMi4zOTc4OTUyNzI3OTgzNzA3LHBvd1BJOiAxLjkyNzU4MTQxNjA1NjAyMDRlLTUw
.rubyfortune.com/	1970-01-20 16:22:47	Name: _ga Value: GA1.2.516238194.1637495225
.rubyfortune.com/	1970-01-19 22:53:01	Name: _gid Value: GA1.2.1628934500.1637495225
.rubyfortune.com/	1970-01-19 22:51:35	Name: _gat_UA-46028713-14 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bre.lobbycontent.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
dm.imagethumb.com
fonts.googleapis.com
fonts.gstatic.com
p.typekit.net
pop.rubyfortune.com
rubyfortune.com
stats.g.doubleclick.net
tpg.lobbycontent.com
www.clubonlinegaming.com
www.goluckynugget.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.luckyslotsnugget.com
www.rechannelapi.com
www.rubyfortune.com
www.spincasino.com
www.spingamespalace.com
104.18.16.170
104.18.171.226
104.18.89.101
185.31.220.156
2606:4700:20::681a:ec3
2606:4700:20::681a:fc3
2606:4700:20::ac43:4557
2606:4700:3032::6815:3366
2606:4700:3033::6815:29e6
2606:4700:3033::6815:4bce
2606:4700::6810:125e
2606:4700::6810:5714
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:811::200a
2a00:1450:4001:828::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200e
2a00:1450:400c:c07::9d
2a02:26f0:6c00:28d::19fd
046950cf8c0971520a1dd22270bfe2c0314814aea7fa49ab0d2ad2c9597b8a97
0b157a85a5ff8d533c2850091a7f1e516ba0d326126c106fe143156efcdd6755
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0e043cedcf425272f6b4eba8af74f4d731f8f8da9334a1be02f1a34d18604c10
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1dc6d2d43514d1d8956877d1f2ef347cd5abdb8ecf8e47aba59d87b8a6da49bb
24fad4440a5df8d52c68b82af13035865fe5b4d6c5887b28ae9442ff235ed020
350061cfa8a8ab84d156d446b7352700659ae50bdd43e3570426e411d0721d0a
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
40812f6fbe2244f3b749b1d7b73f5c2166c95e91db8febe82ce34e95c1a29c70
461f27cde0212c610b6de2ed6d441b8838aa154e8c4a60cb62c96184b8b5ca74
4875ead57cd30a8a91299fd3f632dae8e85436e269d2c38109b8b5484e92b4e6
49d3683f083ed5cd7afc00862edc7e2c8cf15e837d20faad01e6a3001836c4ec
4a87e4d5a949776e0197b33dbb1806748cacda1aa2afb4c2bbd7da8e6aa71fe8
588f97bb2abc9970e55b97498247b054823139e87e8c44e1fd22cb108b87593b
5953bbb53c110ec77851885b2a67d1f7093ff9dcd893a7a1331c3cd9bea72746
5bea3e95cb39e2f8575d1974667e9ae7ad3030f02f7b77f404d6a0b4d7da0a8d
5c032c81a410541f7bae764f0447d0b4d5662388049bbf406ad12c0e36612a05
5c8e3ad52167a2c84340a4576d0b7ee6274400796edfb232eef244a4f6c6d554
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
60234babe159bcce71bf84e13d48229da2513012608b8f7f7129e9b7f0081c5d
61290357f9802af6ac82887832d157b255dbc6beefd55216bc00f446efbea4f5
62bd7091eeb23e4141a0eb78186579f42b66d1ed8508e0e65bfe3675fc27fce6
64b6493631fb2fe6e8f5b1e7ee423aac2029f6a9ce2ae72d2b98a32009b4df1e
65a329b8b4afef1675f9e26b4ce4de5d5d36529c45d8a4d0f4137829c5e65bd6
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
68caa4b24ba360d11a24204fa9888792cf475760633ee4b2c88046004d4b13c3
6956df54356280da020ec11b587be5a4f24fbdfd0355d604856646a202781dae
6b8f77d9c9a792a421cd9a03589f73e70f946f5645b2ce23c170071acd7b8992
6d414a5c6d11d1e6fe24e49538dab9ef8bdc50b5ba373a8f50ccbd2f0f854979
70c717d2a680c2302392f7ddd82f928137dcbc3200e35b36a681620adfcd1a56
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
91fc06dfd3d7f3060d6148ec39e9f6adf5002614fb137a78d1ea67cb28e36db1
997540c1e9aa3e510f2b7a075e08b3b94ebdb3b350ede4aea039039a4b727e74
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6e35dfe121b122df692a4cc82a3f2286e6936b9314e2e4da6d5d978e183cbd7
aabf71375805a509e7febd3e376ace8abf8ef8db6c6192e885a399cb04e82afe
b039bcb5c57eaa75a9c4ccc3193f5b06c4dc00599253467cb474dc9caa483526
b1b6cfa8862c9063860e07cc19b0d0578f781406383bbe9777134efe7810f8f4
b74cb5140e29277136f067fd09e1e299d1fed12c92dad80300b7ada1ad177191
c6c9c55306e0cc0fbd50b3488121de96630e66f6744a6538e97e982d64144889
cf9c3d272eff7ce5423c70ec0efc7afccadf453d16c3d3b219ea03f49568ef61
d04d3cd719057da5be1b06a0c8e2569a76fefc17f9a8cc284f978d8625156747
d5385b52dd2d581c03c3fcbeaaa1688e912fc7cd66ea49484e7f561509dae489
dc01ebf58a2be9acd3256d9c6ba04eb05c91243166cf61d87ce7e688e0518db0
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e47a42d5d5f19bdbeeeada6b2bbd6ee28e44ddbc24d7eae87a23d0c8852ad0a9
e6a23e6a3399b52a5576c28b2236b48953949793fc17f2c733d35b084d7a0085
e72b6cc1476a6b1cfba289f00e0161591c3db4bb3c208b8fc808c4041e9dff18
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f462f48000a98262e1408df9145f897f5f1a19f0fcf5a86d18196784faa1b12a
f5a967e3f0ea6446511b885e8151de75bb005a6509e15496dc2f78920674af6c

www.rubyfortune.com Open in urlscan Pro 104.18.89.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

64 Requests

100 %HTTPS

80 %IPv6

19 Domains

22 Subdomains

20 IPs

5 Countries

802 kBTransfer

1621 kBSize

12 Cookies

8 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.rubyfortune.com Open in urlscan Pro
104.18.89.101 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

100 %
HTTPS

80 %
IPv6

19
Domains

22
Subdomains

20
IPs

5
Countries

802 kB
Transfer

1621 kB
Size

12
Cookies

64 HTTP transactions
0 data transactions