ww11.saldobonus.info Open in urlscan Pro
2606:4700:3035::6815:3b18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ww11.saldobonus.info/
Effective URL:
https://ww11.saldobonus.info/
Submission: On October 25 via api (October 25th 2023, 6:52:29 pm UTC) from US — Scanned from US

Summary HTTP 57 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 57 HTTP transactions. The main IP is 2606:4700:3035::6815:3b18, located in United States and belongs to CLOUDFLARENET, US. The main domain is ww11.saldobonus.info.
TLS certificate: Issued by GTS CA 1P5 on October 18th 2023. Valid for: 3 months.

This is the only time ww11.saldobonus.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:d3cd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2606:4700:303... 2606:4700:3035::6815:3b18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2607:f8b0:400... 2607:f8b0:4004:c17::84	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
2	104.20.219.77 104.20.219.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::61	15169 (GOOGLE) (GOOGLE)
1	185.93.1.251 185.93.1.251	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2607:f8b0:400... 2607:f8b0:4004:c06::66	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
57	10

1 2606:4700:3034::ac43:d3cd (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ww11.saldobonus.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700:3035::6815:3b18 (United States)

ASN13335 (CLOUDFLARENET, US)

ww11.saldobonus.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.93.1.251 (Chicago, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 185-93-1-251.bunnyinfra.net

fonts.bunny.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c06::66 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	saldobonus.info 1 redirects ww11.saldobonus.info	840 KB
15	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 11857	5 MB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	56 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	145 KB
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 16179 c.statcounter.com — Cisco Umbrella Rank: 10381	15 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	185 B
1	bunny.net fonts.bunny.net — Cisco Umbrella Rank: 14060	1 KB
1	w.org s.w.org — Cisco Umbrella Rank: 2957	757 B
57	9

	Domain	Requested by
30	ww11.saldobonus.info	1 redirects ww11.saldobonus.info
15	blogger.googleusercontent.com	ww11.saldobonus.info
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	ww11.saldobonus.info connect.facebook.net
2	www.googletagmanager.com	ww11.saldobonus.info www.googletagmanager.com
1	www.facebook.com	ww11.saldobonus.info
1	c.statcounter.com	www.statcounter.com
1	fonts.bunny.net	ww11.saldobonus.info
1	www.statcounter.com	ww11.saldobonus.info
1	s.w.org	ww11.saldobonus.info
57	10

This site contains links to these domains. Also see Links.

Domain
rebrand.ly
bit.ly
buka.win
1.1.1.1
cepat.io
alternatif777.link
angk.at

Subject Issuer	Validity	Valid
saldobonus.info GTS CA 1P5	`2023-10-18` - `2024-01-16`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2022-12-06` - `2024-01-06`	a year	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
fonts.bunny.net R3	`2023-10-16` - `2024-01-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-04` - `2023-11-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ww11.saldobonus.info/
Frame ID: DE0F859F0B772B9454E6F155EF1F699C
Requests: 58 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gamebonus - Info Freebet Bonus BetGratis Terbaru Setiap Hari

Page URL History Show full URLs

http://ww11.saldobonus.info/ HTTP 301
https://ww11.saldobonus.info/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

57
Requests

98 %
HTTPS

70 %
IPv6

9
Domains

10
Subdomains

10
IPs

2
Countries

5834 kB
Transfer

6894 kB
Size

7
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://rebrand.ly/dadubola88

Search URL Search Domain Scan URL

URL: https://bit.ly/45cMRbn

Search URL Search Domain Scan URL

URL: https://rebrand.ly/a10lsjm

Search URL Search Domain Scan URL

URL: https://bit.ly/3LLn5nY

Search URL Search Domain Scan URL

URL: https://rebrand.ly/sar88gacor

Search URL Search Domain Scan URL

URL: https://buka.win/GACOR88

Search URL Search Domain Scan URL

URL: https://buka.win/JITU77

Search URL Search Domain Scan URL

URL: https://rebrand.ly/gofreebet-1

Search URL Search Domain Scan URL

URL: https://1.1.1.1/
Title: Cloudflare Warp

Search URL Search Domain Scan URL

URL: https://bit.ly/46cSOqe

Search URL Search Domain Scan URL

URL: https://bit.ly/46tTU0w

Search URL Search Domain Scan URL

URL: https://cepat.io/indobonusmposport

Search URL Search Domain Scan URL

URL: https://alternatif777.link/indobonus

Search URL Search Domain Scan URL

URL: https://angk.at/bannerbozq

Search URL Search Domain Scan URL

URL: https://angk.at/indobnsmacan

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ww11.saldobonus.info/ HTTP 301
https://ww11.saldobonus.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ww11.saldobonus.info/
Redirect Chain

http://ww11.saldobonus.info/
https://ww11.saldobonus.info/

440 KB
75 KB

995ms
929ms

Document
text/html

2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww11.saldobonus.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30
Resource Hash: 03630897efef3e01ed63e648d67e1e6f8eca1600f975dd35d05165d3e963a713

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81bca7f99fc49aef-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 25 Oct 2023 18:52:22 GMT
link: <https://ww11.saldobonus.info/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POuwbCSS8FaDJZjn21Y2cHlvv4H6OF6Oj7ZCLPRkCLB2Wcrh3MUU0CCZwS2mYwIDH6AlCP5xtbbOIYR3Byr%2F8YgJmdFrcO3joZbh77X2bHoO9VlZ%2Foe1h%2F8GqfPFIO%2FmafwVRRJeVIZHg6i1twvUvmI%2BEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit
x-powered-by: PHP/8.0.30
x-turbo-charged-by: LiteSpeed

Redirect headers

CF-RAY: 81bca7f8fe3cdab1-MIA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 25 Oct 2023 18:52:21 GMT
Expires: Wed, 25 Oct 2023 19:52:21 GMT
Location: https://ww11.saldobonus.info/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7p0AXLjmpvROClBKmxn0p3Y9KKCQYzBI9cPcKva93AcMY9%2B84Qqoen5QPeXp5jz54ucWZCNsJtxqAGnvXFrL%2BrTZW1UlCcuw2J6WeK2iLiquDA72QwYDo8WaRnGzTHSiWrOdfIjVG2jhxmv2j7QDQ2BlA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 dashicons.min.css
ww11.saldobonus.info/wp-includes/css/ 58 KB
35 KB 42ms
40ms Stylesheet
text/css 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww11.saldobonus.info/wp-includes/css/dashicons.min.css?ver=6.3.2
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Apr 2021 00:46:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 45790
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xt%2BFy3EoBpKj1K%2FLGsUIwZIuFQrY3TBpQvzfZznpz7BD%2FddVMoggokgVhlpyFeQK2pVH7clj0ALxIvdotmsoQgfNxZzSm%2B0rkySCTrXVd2BdVmNIwtsQNOB%2FmdlZG2O3YSQZl7tqj%2F4iajC3bsACo%2B%2BAyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 81bca8003d1e9aef-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 01 Nov 2023 06:09:12 GMT

GET
H2 200 jquery.min.js Show response
ww11.saldobonus.info/wp-includes/js/jquery/ 85 KB
31 KB 48ms
46ms Script
application/javascript 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww11.saldobonus.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Aug 2023 16:44:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 45791
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARwHpi7T8iVD7z7wSka%2F%2FKY2nnGW45o5A%2B0tGDPAvQHFKj8Mp%2Bu%2Bxslzk17V4vLhVLb9gL3RyDndfl2eYWydX7Tzz7qo18lP1I47UBX7lcbKuHVUN3NZ4YhbbjZq%2F%2BMsHEpgeWb7x89Bxcya4r%2BgbJIkAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 81bca8003d219aef-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 01 Nov 2023 06:09:10 GMT

GET
H2 200 jquery-migrate.min.js Show response
ww11.saldobonus.info/wp-includes/js/jquery/ 13 KB
5 KB 196ms
195ms Script
application/javascript 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww11.saldobonus.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 09 Aug 2023 16:44:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AFeA6JaW4hqgoZ%2BNaC3Ep8EkrSzzK7leHx8l548sOM1%2BJgNIEftFdXkmDp9PmIRtCJKLkRZCfOVdIghE55ctnrTW%2FAygPE5h7E2%2BnoGFe7Xfl7VJFPuDcQLt%2BmJ4gktpd8E0dWrbAy1gwkoZ%2F%2BlqXl9ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 81bca8003d239aef-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H2 200 hustle-icons-font.woff2
ww11.saldobonus.info/wp-content/plugins/wordpress-popup/assets/hustle-ui/fonts/ 6 KB
6 KB 44ms
42ms Font
font/woff2 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww11.saldobonus.info/wp-content/plugins/wordpress-popup/assets/hustle-ui/fonts/hustle-icons-font.woff2
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69f370353fef12fbaceef8e636067f722fec5761595ad354e6bcea5e07393f01

Request headers

Referer: https://ww11.saldobonus.info/
Origin: https://ww11.saldobonus.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45791
alt-svc: h3=":443"; ma=86400
content-length: 6284
last-modified: Thu, 12 Oct 2023 16:21:12 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMj8nUqZNhg1tqs6cJEEYlCi6glQGPEsLvYrba2bkiQhZiNpFB9bC1GpPW3Vsg6tbC%2FKs%2BNBufCx3sb8W%2FiJ%2FqvDrr9d9Pz07G7elYMm%2FGUpPHxMnOPs%2Fek5rPR8JT8q8qmqCDNP4HmfMruw%2FseJUpbAOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81bca8003d249aef-MIA
expires: Wed, 01 Nov 2023 06:09:11 GMT

GET
H2 200 gamebonus.asia_.png
ww11.saldobonus.info/wp-content/uploads/2023/07/ 9 KB
9 KB 354ms
353ms Image
image/png 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww11.saldobonus.info/wp-content/uploads/2023/07/gamebonus.asia_.png
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1b1269be44fb4bb67f4f80242aa7795a04963e8794dba92ffe3bc6ddb33f5d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:22 GMT
cf-cache-status: MISS
last-modified: Wed, 12 Jul 2023 19:45:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oA%2Fl3rz8K2KImg6Gx8%2FzLnvB%2FPLrpyP%2Ba7eO1l5gVBfQkNYq4s9S%2Frzu0hU8EjvtYy8hIcdmoSBATfjFr5UKcCojTecNY67OmH1Rw%2BCqp3jtmYQQnFWr3m46oRE7krLOvyQDxx9qM82hw1pxTcuow2sHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81bca8003d299aef-MIA
alt-svc: h3=":443"; ma=86400
content-length: 8944
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H2 200 daduemas88-ads.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyko1ANNVrn3mkjmuzrQFoZofn2wHg5v6MinVlYWQveu5NYIyxCiBcEG5MXvX89ZuSREJmP7NZUrfBBCFGnuzZdh8rJKeqZ-vhGEjnMswg8tfVMFoqmIabr-PZiB-JJ8PpKI5EoUK8NLdc-HUk... 101 KB
101 KB 958ms
845ms Image
image/gif 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyko1ANNVrn3mkjmuzrQFoZofn2wHg5v6MinVlYWQveu5NYIyxCiBcEG5MXvX89ZuSREJmP7NZUrfBBCFGnuzZdh8rJKeqZ-vhGEjnMswg8tfVMFoqmIabr-PZiB-JJ8PpKI5EoUK8NLdc-HUk_NfloesozeIRE8tgC5GNasoIgFBoOiQjvHZPPiFMCoSf/s1050/daduemas88-ads.gif

Requested by

Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a4807d3c9351eb03f03185d306318d3506dc81a9b5ffe0e662cc726a4521c0bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v59c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="daduemas88-ads.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103444
x-xss-protection: 0
expires: Thu, 26 Oct 2023 18:52:23 GMT

GET
H2 200 pete77.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLdCF91DmFR5oOlFlLX2jLwXmaIiPt_fKvCBaAJnVcbMa_fLPNpRBWDRc57ekHZXoDsF6HIR05A0_9s5TF5VNBU__0TDom3xrBpdN4szwDn0BEmZXG4JXzHwZpr0CuzmuMRYMtCsweRmq-hjLp... 108 KB
108 KB 695ms
689ms Image
image/gif 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLdCF91DmFR5oOlFlLX2jLwXmaIiPt_fKvCBaAJnVcbMa_fLPNpRBWDRc57ekHZXoDsF6HIR05A0_9s5TF5VNBU__0TDom3xrBpdN4szwDn0BEmZXG4JXzHwZpr0CuzmuMRYMtCsweRmq-hjLpc-g9zTmbl47ocLN1YInQvy8GcymKEvwUI3UmbZPvQ6PG/s1150/pete77.gif

Requested by

Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

525627c24500b011c1906d775dacd98078bf5f041d663f3ba2720a3f222878cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b5"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pete77.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110129
x-xss-protection: 0
expires: Thu, 26 Oct 2023 18:52:23 GMT

GET
H2 200 LAPAK77.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgaNI_wQilQIK1oNJZMD2mAkTybAFxa82HPXr1SRzxZ4vWiaI1TZO1rUfudpDkU6F8SVj3P5EbqbPJyBvFIMTroi1VMrtlbG4P_tqv2mD2xjNf2idLH0SV_X0fvjptRbiuyhuIrOfUShPwvRG7J... 165 KB
165 KB 610ms
604ms Image
image/gif 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgaNI_wQilQIK1oNJZMD2mAkTybAFxa82HPXr1SRzxZ4vWiaI1TZO1rUfudpDkU6F8SVj3P5EbqbPJyBvFIMTroi1VMrtlbG4P_tqv2mD2xjNf2idLH0SV_X0fvjptRbiuyhuIrOfUShPwvRG7JM6rZYF4H1c4uHmvx25_0hY-Q45-FDHDqQjGHmXZG9inz/s1050/LAPAK77.gif

Requested by

Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

28142709f6433eb46fea341fc6918ba757ddda174c1e08ae1928cc17f8857c16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v597"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LAPAK77.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168966
x-xss-protection: 0
expires: Thu, 26 Oct 2023 18:52:23 GMT

GET
H2 200 warungslot.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2gEOKZM-nu9XyFWLY21r9zJhdr13_jLRqJVU4_J4_PTDlrGVvGntNP0yKaIuQ0vn1EzlZfyzeFWc5mYLr0wZaOGe25O7W15xBd7jNuYo0xEReyOdhmYA7JFiYjHdd6H_wto9aQQNK3jbSxg5d... 132 KB
132 KB 752ms
746ms Image
image/gif 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2gEOKZM-nu9XyFWLY21r9zJhdr13_jLRqJVU4_J4_PTDlrGVvGntNP0yKaIuQ0vn1EzlZfyzeFWc5mYLr0wZaOGe25O7W15xBd7jNuYo0xEReyOdhmYA7JFiYjHdd6H_wto9aQQNK3jbSxg5dmZZNvGd3r52rREaftqnUovCKl2GfkgMS-JVH5ytREvvu/s1150/warungslot.gif

Requested by

Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7d805f0ad574ddc3a589025c043c156af29fc1023868da310774bde8388313a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="warungslot.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135485
x-xss-protection: 0
expires: Thu, 26 Oct 2023 18:52:23 GMT

GET
H2 200 sar88.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipmc8b-rMyDSodfVgqmSErpi1_bX_WtyvmZ5iN7BQlVkFabYwhShCP7w77mvG8L0vysD3cti6iOyvNiqHKHpPmKnV5wuZAXLKE_FWzeoqpCq7bXDurSTtXdbhBnCI-SWfYvGkVH-2U8-YONaJp... 47 KB
47 KB 791ms
786ms Image
image/gif 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipmc8b-rMyDSodfVgqmSErpi1_bX_WtyvmZ5iN7BQlVkFabYwhShCP7w77mvG8L0vysD3cti6iOyvNiqHKHpPmKnV5wuZAXLKE_FWzeoqpCq7bXDurSTtXdbhBnCI-SWfYvGkVH-2U8-YONaJp4adKR1yu0SisVw09PIwoWiBYThTAEBVNQRHSHvC4NLJS/s1150/sar88.gif

Requested by

Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cc4d97df4e88d32e432905c78e5a247be13d5c3a48c56a563265a116a111cdda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v11b"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="sar88.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48142
x-xss-protection: 0
expires: Thu, 26 Oct 2023 18:52:23 GMT

GET
H2 200 gacor88.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiS1ufRLEpPdQIgvG3tAC-2AS1b9lvr_piUGNmm2T6MXWGfTO_WplfEUymrIi3F01Di0TQGkiM1fXl8DPFZaWrc3wo2D0VXvRRSq32frYdnIMxnixeLWLh40aO1dM1IiP0Yhrk_sF7JgYY7OslX... 686 KB
686 KB 420ms
414ms Image
image/gif 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiS1ufRLEpPdQIgvG3tAC-2AS1b9lvr_piUGNmm2T6MXWGfTO_WplfEUymrIi3F01Di0TQGkiM1fXl8DPFZaWrc3wo2D0VXvRRSq32frYdnIMxnixeLWLh40aO1dM1IiP0Yhrk_sF7JgYY7OslX6B1xve-rL_BFYo9GTgJHLlzKDLPasecKDLUan42cFTCJ/s1150/gacor88.gif

Requested by

Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7120f45f33c8c3f89f3fd5da4e2f2f4ff34cf6d1c125d793b22613c3c060a4bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v582"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gacor88.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 702053
x-xss-protection: 0
expires: Thu, 26 Oct 2023 18:52:23 GMT

GET
H2 200 jitu77.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhedgtJIpOAJySTT5cmi6Zr4pPoScDlI29Xt9ZYm0mpgOPuGoUEuumiYNG32wA0vc29yC2oU44IbZCr1g2A1d6VWb6FT-gAVQPMZ7s65mUzynoNqSqBhPxUOOt3A8CfHeE4l2aqEBX4EDEXdsAH... 560 KB
560 KB 670ms
665ms Image
image/gif 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhedgtJIpOAJySTT5cmi6Zr4pPoScDlI29Xt9ZYm0mpgOPuGoUEuumiYNG32wA0vc29yC2oU44IbZCr1g2A1d6VWb6FT-gAVQPMZ7s65mUzynoNqSqBhPxUOOt3A8CfHeE4l2aqEBX4EDEXdsAHnvlm0u0C57f_kdl31ZnyekFiKbQdMozX_Q0BnqlNppOM/s1150/jitu77.gif

Requested by

Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d5cac8aa4a0d91b6008b4e2ef0a6c1351fabd0d427305d711e9a61ae6031e569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v583"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="jitu77.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 572928
x-xss-protection: 0
expires: Thu, 26 Oct 2023 18:52:23 GMT

GET
H2 200 dewagacor77.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPLBiwniXV_RZJsXG4OqVlHOCOZI4MHVt0HG0Y3wPMitiHpXCYmbOXPXYtcgNT-JwRaVfi3dF2yK7ow29-tG3XN32o4v01Qr8rykW5xOTyhTNpHYI1VgGDAL58Thu4UfOBgN1PTTCBzvQOC5FR... 1 MB
1 MB 651ms
646ms Image
image/gif 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPLBiwniXV_RZJsXG4OqVlHOCOZI4MHVt0HG0Y3wPMitiHpXCYmbOXPXYtcgNT-JwRaVfi3dF2yK7ow29-tG3XN32o4v01Qr8rykW5xOTyhTNpHYI1VgGDAL58Thu4UfOBgN1PTTCBzvQOC5FRzhagKDgaKtBrANkAj_cjMsMP8-6dshcsl3BNzK0SpLMy/s1150/dewagacor77.gif

Requested by

Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b116f5518e9a58ecb4da0ae810a75f45d9ed51bcad85dcff4d77910a8cba599f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v583"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="dewagacor77.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1326930
x-xss-protection: 0
expires: Thu, 26 Oct 2023 18:52:23 GMT

GET
H2 200 1f525.svg
s.w.org/images/core/emoji/14.0.0/svg/ 822 B
757 B 91ms
27ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f525.svg

Requested by

Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

4fa646a4dbc10513ddeb70561789483638faf456e15186f4eb7291c5c455cbb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nc: HIT mia 2
date: Wed, 25 Oct 2023 18:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SEKTORPLAY88-Freebet-Bonus-Saldo-20K-Gratis-Terbaru-Setiap-Hari-300x178.png
ww11.saldobonus.info/wp-content/uploads/2023/10/ 51 KB
51 KB 511ms
511ms Image
image/png 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww11.saldobonus.info/wp-content/uploads/2023/10/SEKTORPLAY88-Freebet-Bonus-Saldo-20K-Gratis-Terbaru-Setiap-Hari-300x178.png
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 710ab540ce68325400e85da88234c8baf99554f15f91edfb35ff29e5c99473c0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:22 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 10:57:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmSd3GgWS3ddGTAvuP96%2BVfMX9OhJoSAo1KcKOtAQ3qUlt4K9EqMRt8eGF6IiRfjp%2BUawFMy%2BvY7DQi0%2FWPrzZQh9EXa%2BRu63y5hxfJDzcwKvAXB569TqtK%2Fmbei41lBVRs8bm09vo04mmuszp6H3xxlTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81bca8003d279aef-MIA
alt-svc: h3=":443"; ma=86400
content-length: 52112
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H3 200 PANDORA188-Freebet-Bonus-Saldo-20K-Gratis-Terbaru-Setiap-Hari-300x178.png
ww11.saldobonus.info/wp-content/uploads/2023/10/ 51 KB
52 KB 631ms
627ms Image
image/png 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww11.saldobonus.info/wp-content/uploads/2023/10/PANDORA188-Freebet-Bonus-Saldo-20K-Gratis-Terbaru-Setiap-Hari-300x178.png
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ae953134e452372275b8e76d2f46adf4a6bd708bfdb98d895b5b8f211f6b228

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 10:48:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSyWz89rxezYIFowVoJqniZFwpoRVxUiUIOTJUw%2Bvldw8kPm1zAjHOZ2hSijFURZfGLsPhAWDBM5%2BJ%2FNUbGpRXUKNuw2nPORbGqFJY4De0c2nK37OYcczNqnJd4nVFNYVFthvUavrLneu9rjDj9IagZ5sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81bca80178d14988-MIA
alt-svc: h3=":443"; ma=86400
content-length: 52564
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H3 200 NEOJOKER-Freebet-Bonus-Saldo-10K-Gratis-Terbaru-Setiap-Hari-300x178.png
ww11.saldobonus.info/wp-content/uploads/2023/10/ 53 KB
54 KB 804ms
800ms Image
image/png 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww11.saldobonus.info/wp-content/uploads/2023/10/NEOJOKER-Freebet-Bonus-Saldo-10K-Gratis-Terbaru-Setiap-Hari-300x178.png
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34ea06a702ca0c8dca1cbded9ca33d3c60727ca5facc8339ba24f8c7a96a47c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 10:41:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1a09It6PLuBurvzGpVTUsm2wcy%2B6Xll6rCTxtuo5VcKwCCsB4P55mLyP4Lb5IkCD609KI3cDhZTX1Z6BSEKR69qK4G%2FHrHupiHR9azQLxrig4McXab3IPyRF2TxNUr3eg4%2FotHvLHPg4iKKPmloHgPuzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81bca80178d24988-MIA
alt-svc: h3=":443"; ma=86400
content-length: 54776
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H2 200 Mimpisakti-slot.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjijs3m8H-a5JBFo8gD_HSKKmooz3xvdAeY2oIGR0nVGnGy03HdqOVJMxHPWjeLk6uihFnhpXfUC4Rp9zhvFwZjdwfyT5xdhA9xuUx_GFia84iRA2VbtsM1MMB7-I_VDvk7jbnxPGDEL_COl1l_... 559 KB
560 KB 793ms
788ms Image
image/gif 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjijs3m8H-a5JBFo8gD_HSKKmooz3xvdAeY2oIGR0nVGnGy03HdqOVJMxHPWjeLk6uihFnhpXfUC4Rp9zhvFwZjdwfyT5xdhA9xuUx_GFia84iRA2VbtsM1MMB7-I_VDvk7jbnxPGDEL_COl1l_0363y6VlZQ1xaE2kqR9TG6n0o_lrD_SPWgy82-w_7FCG/s300/Mimpisakti-slot.gif

Requested by

Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

459526fbdb95ecddfd698844a8ab041aa4771648e8a4a78096a3c5ff67f5cbe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
x-content-type-options: nosniff
server: fife
etag: "vdd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Mimpisakti-slot.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 572762
x-xss-protection: 0
expires: Thu, 26 Oct 2023 18:52:23 GMT

GET
H3 200 close.png
ww11.saldobonus.info/wp-content/uploads/2022/03/ 2 KB
2 KB 329ms
325ms Image
image/png 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww11.saldobonus.info/wp-content/uploads/2022/03/close.png
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e5c83dcb2e295b8de312ef857e845f5c1b3849ffe6be62d3a5cc2041994e97e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:22 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Mar 2022 00:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fBso%2FF5bXByaU8N2WGbW9mPixdsGLPZE5wdH52VS%2B4qWoPFlE3xljqCNagVIEa8RH0Igupp4HHCXZf4nSDg5kvTKyE8C6SfX568vdoPpOyeRikBnD5phsuvUs7PK%2B18LE%2BO7UV%2BfkoRD1hB4dItuYFzyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81bca80178d44988-MIA
alt-svc: h3=":443"; ma=86400
content-length: 1805
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H2 200 lunas77.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgfnVLxzWxjXKUMzB5yt9b2u4AC0RzWnkMZ5ehjsdnwOYds8cHVRuJyKSS0Iem0ggPx1wsvoG2BQcrAb0U_4SKziUGKmyU5aClKYcnaCCcGtyQg-mGCciEcuBLfMxrpc_Ra7qfF_nf1B9I0i9q... 17 KB
17 KB 690ms
685ms Image
image/gif 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgfnVLxzWxjXKUMzB5yt9b2u4AC0RzWnkMZ5ehjsdnwOYds8cHVRuJyKSS0Iem0ggPx1wsvoG2BQcrAb0U_4SKziUGKmyU5aClKYcnaCCcGtyQg-mGCciEcuBLfMxrpc_Ra7qfF_nf1B9I0i9qqurWyPoFK969P_iYV_CxLsRVrqg6T5GvXdNSTzSWrFLa/s522/lunas77.gif

Requested by

Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e4684e104b0d16abc2faeaae93b0cabac2a5dff8571fa94143e2698180b3b586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="lunas77.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17006
x-xss-protection: 0
expires: Thu, 26 Oct 2023 18:52:23 GMT

GET
H2 200 sedayu88.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihWhhRbEnpE31KAZuRrUZIO_lV6BuYLHaYQ0GVOQnf5G4Ck15YEmkUfQOhSFaaCZdRVP_M2r0j5tVArgkABJdJ0jWUPQO-JszQ6n5usro2qlz3lqeKcx-58JApbJtXXmG5yJ0g_8_fPTKLCWUf... 32 KB
32 KB 753ms
748ms Image
image/gif 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihWhhRbEnpE31KAZuRrUZIO_lV6BuYLHaYQ0GVOQnf5G4Ck15YEmkUfQOhSFaaCZdRVP_M2r0j5tVArgkABJdJ0jWUPQO-JszQ6n5usro2qlz3lqeKcx-58JApbJtXXmG5yJ0g_8_fPTKLCWUf0sXHo4Ys9i_IUyiK6MTTRbqpqbZGq11Cm2KU1JVLa1mq/s522/sedayu88.gif

Requested by

Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

69b370daac3d8e9072abd9ea561dc4edd943925fef66055b3ec231d5d697f860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b0"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="sedayu88.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33058
x-xss-protection: 0
expires: Thu, 26 Oct 2023 18:52:23 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 40 KB
15 KB 118ms
41ms Script
application/javascript 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 16:46:13 GMT
server: cloudflare
age: 40212
etag: W/"6537f4d5-a1eb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 81bca801fa1a3352-MIA
expires: Wed, 25 Oct 2023 19:42:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 191ms
79ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-158527556-1

Requested by

Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

89864b29248f4755f3da345e7ccf8e23485ca568232e86f6c3f8bfd79e999f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68635
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 18:14:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 Oct 2023 18:52:22 GMT

GET
H2 200 MPOSPORT-700x210.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXALMGJTG724yIurb9kLyANmFgXkdwG7GHttZW76rbRjkJkNM9YN6Ow48NJNywblk_0nUqD4XxIhmR9y9lx2y8p0wo4QINaNCWkbBYHyGxurdT03qjPfEI3lNltN6pAj4YDpSxnIuRS6AjeA_4... 317 KB
317 KB 796ms
792ms Image
image/gif 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXALMGJTG724yIurb9kLyANmFgXkdwG7GHttZW76rbRjkJkNM9YN6Ow48NJNywblk_0nUqD4XxIhmR9y9lx2y8p0wo4QINaNCWkbBYHyGxurdT03qjPfEI3lNltN6pAj4YDpSxnIuRS6AjeA_40yql66MavbDDqeDFfJ88733tmKeIiiCla6oElJVfXA/s700/MPOSPORT-700x210.gif

Requested by

Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a57443dd8e1b8182b7cb60b6100de1faa37a05ab92e6e7dcf22db546a96c4fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v3ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="MPOSPORT-700x210.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324145
x-xss-protection: 0
expires: Thu, 26 Oct 2023 18:52:23 GMT

GET
H2 200 MPO777-1000x300.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh20ds0u4hTdXqOBRNqdOCnl9t32y6L7lhMnEZBNN9UKRgOqEIlvj_aHCXiO6p6HDKRy0TsQTnFEWdw5yvW7S7e2DCHDA-bvoLzPd9YHtdU3P8CDYtpsXHr80W7J3toQTf7X039sjLiNjPA4Iz6... 53 KB
53 KB 758ms
754ms Image
image/gif 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh20ds0u4hTdXqOBRNqdOCnl9t32y6L7lhMnEZBNN9UKRgOqEIlvj_aHCXiO6p6HDKRy0TsQTnFEWdw5yvW7S7e2DCHDA-bvoLzPd9YHtdU3P8CDYtpsXHr80W7J3toQTf7X039sjLiNjPA4Iz6wn1TX-jJuKMRxvGJt2_0QU5jBKXM3knYbgoE5GegfQ/s1000/MPO777-1000x300.gif

Requested by

Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8d2eb8571d65cdacb301057c56eb5413752f7cf11f869d31eb6113702636781f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v4c4"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="MPO777-1000x300.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53794
x-xss-protection: 0
expires: Thu, 26 Oct 2023 18:52:23 GMT

GET
H2 200 LODE777-Gif-1000x300.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgognScdMna8U-pYDJozoPOXuf-DPvjS5xAbx-i_Odm4VHtFqpPyOFv20J7jcg35lciDL5P9H6CdqKUBcq9cQB5AbLD9--n8IQDQFW6YVdcyO1NOuW8n1gFrl6voAcf6HNyJUiKq0DriJdK3Dsn... 296 KB
297 KB 790ms
786ms Image
image/gif 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgognScdMna8U-pYDJozoPOXuf-DPvjS5xAbx-i_Odm4VHtFqpPyOFv20J7jcg35lciDL5P9H6CdqKUBcq9cQB5AbLD9--n8IQDQFW6YVdcyO1NOuW8n1gFrl6voAcf6HNyJUiKq0DriJdK3Dsns--jz-PRT7ic3nzXVPJSl2zRSbh8URMDT5fNGfs86A/s1000/LODE777-Gif-1000x300.gif

Requested by

Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

850c1f9c148a5e6f4deb0f429cad86cdbff814e45c506207471ca002aff1e7ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v83"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LODE777-Gif-1000x300.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 303353
x-xss-protection: 0
expires: Thu, 26 Oct 2023 18:52:23 GMT

GET
H2 200 MACANTOGEL.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhf4NXkFse3nDlG5d71hfAPX1rQALuQx2Gnkcu4x2lfEGPiWAWKNoySDHvwSOK7zbqntBLGYrWg7hqDy2qQ7DLcwXziPsNBtFEa49BqIDN1HMNIlWSaD3hjpl5XwVNPSaNfLU_IJMS0GM6byic_... 352 KB
353 KB 761ms
757ms Image
image/gif 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhf4NXkFse3nDlG5d71hfAPX1rQALuQx2Gnkcu4x2lfEGPiWAWKNoySDHvwSOK7zbqntBLGYrWg7hqDy2qQ7DLcwXziPsNBtFEa49BqIDN1HMNIlWSaD3hjpl5XwVNPSaNfLU_IJMS0GM6byic_FKOc6dc9C_av4VvsHCGyMO48xOzHjsWsYNQYVT3Cpg/s1000/MACANTOGEL.gif

Requested by

Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9ff8d07c178566c16c104558df34d63efb8f9de54384637bf9bf15f30ad9733e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v4e3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="MACANTOGEL.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360662
x-xss-protection: 0
expires: Thu, 26 Oct 2023 18:52:23 GMT

GET
H2 200 css
fonts.bunny.net/ 6 KB
1 KB 192ms
58ms Stylesheet
text/css 185.93.1.251
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/css?family=Roboto%3Aregular%2C700&display=swap&ver=1.0
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.251 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-251.bunnyinfra.net
Software: BunnyCDN-IL1-1029 /
Resource Hash: 7cc0872162dbb0bfe4cab7a86c52c7f44390087cd03f3f6bb2d92c7b5609af7d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:22 GMT
content-encoding: br
cdn-edgestorageid: 871
x-do-app-origin: 1fb91846-e6b7-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
cdn-cachedat: 09/05/2023 15:58:03
cdn-pullzone: 781720
last-modified: Tue, 05 Sep 2023 15:58:03 GMT
server: BunnyCDN-IL1-1029
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: STALE
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: 3c59118997b8a87bc26c9d489f69d126
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 hustle-ui.min.js Show response
ww11.saldobonus.info/wp-content/plugins/wordpress-popup/assets/hustle-ui/js/ 106 KB
29 KB 504ms
499ms Script
application/javascript 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww11.saldobonus.info/wp-content/plugins/wordpress-popup/assets/hustle-ui/js/hustle-ui.min.js?ver=4.8.2
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67a14a59133ef972898d5049626e0cab88ee40943b2053934833afb49284c183

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 16:21:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BUtCwtqF3hx5pL9%2F0CKHUq0cXEIHpTp1Alx1iqpd22IgXOO74KL6PjT2G31DW%2FndDfHNaI23dvW0cr%2B%2FAtACWW9vwy4emutFyQacq6EPjfy8DbopKF0AE7a3jymM%2FMHft%2FU2pPSR8DcW9ixRNkqlfYQTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 81bca80178c34988-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H3 200 underscore.min.js Show response
ww11.saldobonus.info/wp-includes/js/ 18 KB
8 KB 357ms
353ms Script
application/javascript 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww11.saldobonus.info/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 02 Nov 2022 10:37:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSvmHlD12E48AIvmmSYAABYPH7xq6e6xRZM%2Bl4h6ZIs1T27XMSzxqzvXKe1ZaM1%2FuZNXM%2Fn46BGYrL0UbtQkmbXRCsl6vrcYLUHbAHdC7e1eoe%2BbfXmNsSpmQn%2Fz4QiadtS6hf9vFUTaXzaMReLq4n5IYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 81bca80178c54988-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H3 200 front.min.js Show response
ww11.saldobonus.info/wp-content/plugins/wordpress-popup/assets/js/ 46 KB
16 KB 486ms
482ms Script
application/javascript 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww11.saldobonus.info/wp-content/plugins/wordpress-popup/assets/js/front.min.js?ver=4.8.2
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eb8d09282e625962caced51c19324f16a958430a5e486901f9b1ac9b5263e07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 16:21:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACr82LCkhGBkWekhrP0yOXfRUFOEqB7UBJgtXwl668KA0qCQuTZCuULjqy74eCdtwetqADrSC5Ecq4DHNAxB5KM8fmu1f%2BgeS3nnyYRSVSZo0wmrkqsrp99W%2BmP8P1I%2F770SvJccSDxXn%2BnHudzzP2sv8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 81bca80178c94988-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H3 200 js-plugin-min.js Show response
ww11.saldobonus.info/wp-content/themes/newkarma/js/ 41 KB
16 KB 469ms
465ms Script
application/javascript 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww11.saldobonus.info/wp-content/themes/newkarma/js/js-plugin-min.js?ver=2.0.4
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55f4f528f4c62e2c2b3f9e5b353deacf94182c35b3d36d4c6cea50dcfa95195f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 16 Jun 2023 19:15:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhEMXOLlAAy05zZBjIpVqm7oxEkw5XchxsSOdwpyxtJmDEb%2BHU5nWLTyJSuGCb%2FwV0VtI7Zlft4fYf%2BBL4%2FgXUFRNEXwYnlzbSU%2BUv4pzmthIVjElo9gUOwJW9N3AtDlD7SBGgPzxxvSptiqC9%2BXfacK6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 81bca80178ca4988-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H3 200 autoptimize_single_75b1726fc3fcf56d39c1ac46064d09d4.js Show response
ww11.saldobonus.info/wp-content/cache/autoptimize/js/ 3 KB
2 KB 339ms
335ms Script
application/javascript 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww11.saldobonus.info/wp-content/cache/autoptimize/js/autoptimize_single_75b1726fc3fcf56d39c1ac46064d09d4.js?ver=2.0.4
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6e069719e5f6524f6a5b0902b653f8e577ec004cfa872574c4fc4a07c94b932

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Oct 2023 03:21:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19rScsUgiHszTQzvCXBCXJ49nXrALHdtGrZsV4bfxGCxWzg1HI6LWMhqu2Ahkj0dhViAJV0k7xDqNQ%2BGdAIVPb1%2F4cbEVcc20VhYaNMnSXcAWQWrG0haRahHMrJ0SuwK6gFDhw5K3d6JgXSIshWXG%2FQG2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=30672000, immutable
x-turbo-charged-by: LiteSpeed
cf-ray: 81bca80178cc4988-MIA
alt-svc: h3=":443"; ma=86400
expires: Mon, 14 Oct 2024 18:52:22 GMT

GET
BLOB 200
OK 016d15d6-f7de-4bd5-862d-623eaf17cd22
https://ww11.saldobonus.info/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ww11.saldobonus.info/016d15d6-f7de-4bd5-862d-623eaf17cd22
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 199 KB
53 KB 168ms
55ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 25 Oct 2023 18:52:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53588
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: SZ7W2fZpzf0SaZqaWmEY9giwGP0lI4al/oYJuJi1lpLMG7i06EucPh3sZA3Nhu45UJVZct3YzHco014ThEyutQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin: https://ww11.saldobonus.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 MPO8821-Freebet-Bonus-Gratis-Saldo-Rp.-15.000-Setiap-Hari-300x178.png
ww11.saldobonus.info/wp-content/uploads/2023/10/ 52 KB
53 KB 770ms
769ms Image
image/png 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww11.saldobonus.info/wp-content/uploads/2023/10/MPO8821-Freebet-Bonus-Gratis-Saldo-Rp.-15.000-Setiap-Hari-300x178.png
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 803fe2910be4aeedee6c95272808708078d356d52d61dd9cfb191ab60357c24e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 16:44:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXq2F2DWksdObvaT%2FsOpE2G5FQ%2BM8%2FBWNobwtPjGAZMQ4Itn3Mat6VANbJ9azxLHmMq0PbKHvXoNotROlIGUQvmUldxS%2FuTpmOoA8P8VrPBpRfFlQ7AKssJ7tFT1kkOU6haJlVke5fd%2Fpm%2FXcr0MQSqjzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81bca80198f84988-MIA
alt-svc: h3=":443"; ma=86400
content-length: 53666
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H3 200 CASPER77-Freebet-Bonus-Gratis-Saldo-Rp.-10.000-Setiap-Hari-300x178.png
ww11.saldobonus.info/wp-content/uploads/2023/10/ 53 KB
53 KB 788ms
786ms Image
image/png 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww11.saldobonus.info/wp-content/uploads/2023/10/CASPER77-Freebet-Bonus-Gratis-Saldo-Rp.-10.000-Setiap-Hari-300x178.png
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdfd5b05b341377c175228a22d5429d2b92590e365dff936f6ae7aea54faff7b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 16:37:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FJRZzXcpOlDNt%2B9qd6r5iWEG8d%2FS0%2F2kcNChdMQq2s2HaWS7jmYSOVLlzLWHqHWv%2BH1%2BMrXiVjgUWCPD9qe84BGZc65mjOOhYysCKlYrIBoNu5SyUFBQ86%2FBJcm%2BNFEbOyzCqj%2FPYVDEZfDAYzYTdjj1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81bca80198fc4988-MIA
alt-svc: h3=":443"; ma=86400
content-length: 54021
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H3 200 GARUDA123-Freebet-Bonus-Gratis-Saldo-Rp.-10.000-Setiap-Hari-300x178.png
ww11.saldobonus.info/wp-content/uploads/2023/10/ 57 KB
57 KB 773ms
771ms Image
image/png 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww11.saldobonus.info/wp-content/uploads/2023/10/GARUDA123-Freebet-Bonus-Gratis-Saldo-Rp.-10.000-Setiap-Hari-300x178.png
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9f0036e5805aec5f9f0319cd14969262a93d9187fb8bbd36c2e19bcc1aa9d10

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 16:34:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BvpK0JyGLceBYliKGf5GHTKkdZjQKjL%2BF0M%2FyKQpHp39r%2BT6FLgHvwrjXqPR5mZ%2FhJpjM3jd1VxMlCnQpVUuqlNsFueF8LTsVTyK%2FtKAvQY3npJlLbbTIvGoqmaI%2Bt525qR030NCrbGE%2Fcufy1Hq7KXCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81bca80199024988-MIA
alt-svc: h3=":443"; ma=86400
content-length: 58209
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H3 200 BAPAU365-Bonus-Saldo-Freebet-Gratis-Terbaru-Rp-10.000-Hari-Ini-300x178.png
ww11.saldobonus.info/wp-content/uploads/2023/10/ 38 KB
39 KB 641ms
639ms Image
image/png 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww11.saldobonus.info/wp-content/uploads/2023/10/BAPAU365-Bonus-Saldo-Freebet-Gratis-Terbaru-Rp-10.000-Hari-Ini-300x178.png
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afcb1f1bbb76b468244a07213dd6f73f30a961efc3ab764571d51de2fe26f5a6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
cf-cache-status: MISS
last-modified: Tue, 03 Oct 2023 19:52:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJHvj4SX%2FLPBj6zBqyCd5zOItXTxG56lFj8a%2FvkJHxdeUCowYNnw1u7jXGmntpaVN289ycsENRb4bLuixyfBsBr%2BaEeejks5RAHofiWGHiZHMURuScBoHhTslgBq6IBHc8DdcUnFwdQo%2BEkf2PfoPW8uGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81bca80199054988-MIA
alt-svc: h3=":443"; ma=86400
content-length: 39154
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H3 200 SLOT69-Bonus-Saldo-Freebet-Gratis-Terbaru-Rp-20.000-Hari-Ini-300x178.png
ww11.saldobonus.info/wp-content/uploads/2023/10/ 52 KB
52 KB 646ms
644ms Image
image/png 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww11.saldobonus.info/wp-content/uploads/2023/10/SLOT69-Bonus-Saldo-Freebet-Gratis-Terbaru-Rp-20.000-Hari-Ini-300x178.png
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1420246f643143a478eaab869d3e5f8caa9771a77b32c122801b35f0d2d9dbd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
cf-cache-status: MISS
last-modified: Tue, 03 Oct 2023 19:42:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gcrw6t4v8BMftQpxf1IWF0TP1YbDErkNsEGIGMG1F3H7egxX4uBl7p2oE%2Fs07rRXed0rNByKU1vcbjDzLu2edzAPPSNZbREICeyJugz%2F448gpanzd7AJrZsuTbm6jUcplNg%2Bb4NgWmo87YW%2FtSPDTeRNZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81bca80199084988-MIA
alt-svc: h3=":443"; ma=86400
content-length: 53147
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H3 200 BROTOGEL-Bonus-Saldo-Freebet-Gratis-Terbaru-Tanpa-Deposit-300x178.png
ww11.saldobonus.info/wp-content/uploads/2023/10/ 56 KB
57 KB 613ms
612ms Image
image/png 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww11.saldobonus.info/wp-content/uploads/2023/10/BROTOGEL-Bonus-Saldo-Freebet-Gratis-Terbaru-Tanpa-Deposit-300x178.png
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c5fb004dbd53a61f51ad2a12c56e65a177d3bcd976eead6e00a94c6b4a718d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
cf-cache-status: MISS
last-modified: Mon, 02 Oct 2023 19:34:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ganCFTL04x4YYZQjh99OfBB9pd5h1ulASZFCn9i3s3ZZhiuEJnPmtAGIna0llNvYQYK7Zoh%2BudGdB7iHIOx8BiFsA9FO9cAsdsrGeoieHRRc0SFY7M%2BnCr%2FgtU61kdL0agGAgU8SRzNJRPuReT09QxofnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81bca80199094988-MIA
alt-svc: h3=":443"; ma=86400
content-length: 57855
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H3 200 Dewa399-Bonus-Saldo-Freebet-Gratis-Terbaru-Tanpa-Deposit-300x178.png
ww11.saldobonus.info/wp-content/uploads/2023/09/ 56 KB
56 KB 757ms
755ms Image
image/png 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww11.saldobonus.info/wp-content/uploads/2023/09/Dewa399-Bonus-Saldo-Freebet-Gratis-Terbaru-Tanpa-Deposit-300x178.png
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1348bc40346c8c4c8d8657802f6d06e6fc73bad823a557dd34b06958342576ee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
cf-cache-status: MISS
last-modified: Fri, 29 Sep 2023 13:40:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sW6BrHJXbrBRVyuK0WiXJJA%2FKoqjg%2BJA6oNI4x97L0kSqQkLWg7aMalgP6XnVQDPe9SoUHN76n0XSOdGXn%2FktcWrIvOezSRXW3AImU0c1kvBiI2QPTHXueJ3gl8lnd80erA314GBQfNigIo2oRDKxQOMYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81bca801990a4988-MIA
alt-svc: h3=":443"; ma=86400
content-length: 57064
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H3 200 SEKTORPLAY88-Freebet-Bonus-Saldo-20K-Gratis-Terbaru-Setiap-Hari-90x90.png
ww11.saldobonus.info/wp-content/uploads/2023/10/ 12 KB
12 KB 355ms
353ms Image
image/png 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww11.saldobonus.info/wp-content/uploads/2023/10/SEKTORPLAY88-Freebet-Bonus-Saldo-20K-Gratis-Terbaru-Setiap-Hari-90x90.png
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57a4c6e36b955484a471c26d67d6b2e7e29ccd970481c79f8b57f9230943937c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:22 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 10:57:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZy%2Bn%2BHeI2cjWhRvYP8BaKDd34LgUpLHzsZmWtnxC%2B105BcSKvsCxt8JRn8sYtlHOALBAhAkOIB4Ochm6M6bTfynNwOf0Bkxk925MczGKMNAOx9YG5srYDhyRtrBYcpym8%2FbRSgsAmPZrxDuNZJA2LqNDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81bca801990c4988-MIA
alt-svc: h3=":443"; ma=86400
content-length: 12123
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H3 200 PANDORA188-Freebet-Bonus-Saldo-20K-Gratis-Terbaru-Setiap-Hari-90x90.png
ww11.saldobonus.info/wp-content/uploads/2023/10/ 13 KB
13 KB 355ms
354ms Image
image/png 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww11.saldobonus.info/wp-content/uploads/2023/10/PANDORA188-Freebet-Bonus-Saldo-20K-Gratis-Terbaru-Setiap-Hari-90x90.png
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04f521899c88110230e2d3d7e3c267eb0f98ff9ff36e6384128ddca06b622ede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:22 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 10:48:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjkKE4KDyiXw%2F7TMHN5BBRuPzTUZMFC4DUXutSD%2B3fwcih1PL6zUX2KZF9IvNoBceQ2Bssk5B%2BACcph%2BpmQD%2FSWZwQDzQAUQhC7370VQx5WoBIg51a54H1rMZyc1KdeLw%2BISUcmXTZD%2B7cxwXeiU30upgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81bca801990e4988-MIA
alt-svc: h3=":443"; ma=86400
content-length: 12918
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H3 200 NEOJOKER-Freebet-Bonus-Saldo-10K-Gratis-Terbaru-Setiap-Hari-90x90.png
ww11.saldobonus.info/wp-content/uploads/2023/10/ 12 KB
12 KB 327ms
325ms Image
image/png 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww11.saldobonus.info/wp-content/uploads/2023/10/NEOJOKER-Freebet-Bonus-Saldo-10K-Gratis-Terbaru-Setiap-Hari-90x90.png
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e7bdc8396004931f9be64c3804be181e558a9b2f79ec63df2e6f17ed72f6979

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:22 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 10:41:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4DDs9ncCtlml1a4tqJzUR12U6OM89Gfu1OOv5xfA5MlU8oQjiZT5Jp3Gk3Yzs%2Fxf7pamYfSr63PK8UCmqTQ5Vdugm9CV1sypmol6Srm4RBPKoNMhsM4zOto8pAorY4ZuI7f2rQk09oxmPSwS%2FdERiOxHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81bca80199114988-MIA
alt-svc: h3=":443"; ma=86400
content-length: 11965
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H3 200 MPO8821-Freebet-Bonus-Gratis-Saldo-Rp.-15.000-Setiap-Hari-90x90.png
ww11.saldobonus.info/wp-content/uploads/2023/10/ 12 KB
12 KB 384ms
382ms Image
image/png 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww11.saldobonus.info/wp-content/uploads/2023/10/MPO8821-Freebet-Bonus-Gratis-Saldo-Rp.-15.000-Setiap-Hari-90x90.png
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 638b098f42b0e2d52caa0bae97b45873cd079c2bcf16290e248311a84939813c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:22 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 16:44:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a90lg%2BUFC9TWojSlE%2FO8N3JlzZOTi2PD6vA3Kjz4LwX%2FqHGFxQhHhbt4d0nBr9mHx0rJpt43DEoT5EK7OAw54mju5TYrAwG6y%2FR4Um6RxkIAb7fKlAnN2bbJR4LdDWHQm5%2BwvUgovqDISNGpltplsb%2BLwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81bca80199124988-MIA
alt-svc: h3=":443"; ma=86400
content-length: 11842
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H3 200 CASPER77-Freebet-Bonus-Gratis-Saldo-Rp.-10.000-Setiap-Hari-90x90.png
ww11.saldobonus.info/wp-content/uploads/2023/10/ 12 KB
12 KB 384ms
382ms Image
image/png 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww11.saldobonus.info/wp-content/uploads/2023/10/CASPER77-Freebet-Bonus-Gratis-Saldo-Rp.-10.000-Setiap-Hari-90x90.png
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b266773098f66019b109a45babe0fcf419f198b238ba50d2460894f82fb5a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:22 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 16:37:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdod%2F7M0YyiyR3d3coi2WGkbDcD1OvoLu5GPuSA5%2FAJEMZuLiTEZLe%2B4f5If05eBbLL6o0t9QT0oDd2CUgRzVhNKlFjvOxnhIA5TYQdAz6c5LL0kBmQIWck89RUknc8nSpGd5rF%2FewCDF%2FHJRh53POZIEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81bca80199134988-MIA
alt-svc: h3=":443"; ma=86400
content-length: 12146
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H3 200 GARUDA123-Freebet-Bonus-Gratis-Saldo-Rp.-10.000-Setiap-Hari-90x90.png
ww11.saldobonus.info/wp-content/uploads/2023/10/ 12 KB
12 KB 391ms
389ms Image
image/png 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww11.saldobonus.info/wp-content/uploads/2023/10/GARUDA123-Freebet-Bonus-Gratis-Saldo-Rp.-10.000-Setiap-Hari-90x90.png
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5528bf9d478d88306a5a018b256aa708478a1e35774717e844f6757a3c83902d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:22 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 16:34:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OU38JeAk7ZOJ%2B15O04HumMIH3euuNacYjTppIwuFFQo4a6LM2Wf3jujj6QsED%2B1UzBNCZbMCpG0ZpkYAQTY5ZqSnUQlMCF3%2BHfCPqm35%2FolWOSsgpoZlxjmBYMcD9XZ3W4scJS9oMqpa1pzCsFW7IP%2Bp8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81bca80199154988-MIA
alt-svc: h3=":443"; ma=86400
content-length: 12089
expires: Wed, 01 Nov 2023 18:52:22 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
572 B 97ms
87ms XHR
application/json 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12577135&u1=F569A7FB3E4B4F987D597155632FF864&java=1&security=f1e56fb6&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//ww11.saldobonus.info/&t=Gamebonus%20-%20Info%20Freebet%20Bonus%20BetGratis%20Terbaru%20Setiap%20Hari&invisible=1&sc_rum_e_s=1592&sc_rum_e_e=1596&sc_rum_f_s=0&sc_rum_f_e=1589&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://ww11.saldobonus.info
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 81bca8025ac23352-MIA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 82ms
81ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DZF1C9VEBN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-158527556-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27cf469f87ad6e1ac37c9457cbbc03c85b6fb1f1344fcaacfd6b6de06c68b2f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78927
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Oct 2023 18:52:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 167ms
53ms Script
text/javascript 2607:f8b0:4004:c06::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-158527556-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 25 Oct 2023 17:56:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3341
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 25 Oct 2023 19:56:42 GMT

GET
H2 200 304852876618249 Show response
connect.facebook.net/signals/config/ 6 KB
3 KB 88ms
87ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/304852876618249?v=2.9.135&r=stable&domain=ww11.saldobonus.info

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

38da47503f5b568fecd1b37eaeac28c8b123f4fd7a5dd20f94f904a4429db324

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 25 Oct 2023 18:52:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: fJq0G8svphPLV80X+L2YIIzWxZx/2Bq2RsHWK9IFFKWvzRdGx970MoiAfSyqOxljdurEEPEyTQFDXzyspyNi9Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 166ms
54ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=304852876618249&ev=PageView&dl=https%3A%2F%2Fww11.saldobonus.info%2F&rl=&if=false&ts=1698259943030&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=28&it=1698259942937&coo=false&rqm=GET

Requested by

Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 25 Oct 2023 18:52:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
174 B 68ms
67ms Ping
text/plain 2607:f8b0:4004:c06::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-DZF1C9VEBN&gtm=45je3an0v9110209766&_p=2549575&cid=1498232176.1698259943&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1698259943&sct=1&seg=0&dl=https%3A%2F%2Fww11.saldobonus.info%2F&dt=Gamebonus%20-%20Info%20Freebet%20Bonus%20BetGratis%20Terbaru%20Setiap%20Hari&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DZF1C9VEBN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 18:52:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ww11.saldobonus.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 61ms
61ms XHR
text/plain 2607:f8b0:4004:c06::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2549575&t=pageview&_s=1&dl=https%3A%2F%2Fww11.saldobonus.info%2F&ul=en-us&de=UTF-8&dt=Gamebonus%20-%20Info%20Freebet%20Bonus%20BetGratis%20Terbaru%20Setiap%20Hari&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1018027938&gjid=492382872&cid=1498232176.1698259943&tid=UA-158527556-1&_gid=1729410162.1698259943&_r=1&gtm=457e3an0&jsscut=1&z=950128779

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ww11.saldobonus.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 18:52:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ww11.saldobonus.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 wp-emoji-release.min.js Show response
ww11.saldobonus.info/wp-includes/js/ 18 KB
5 KB 356ms
355ms Script
application/javascript 2606:4700:3035::6815:3b18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww11.saldobonus.info/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by: Host: ww11.saldobonus.info
URL: https://ww11.saldobonus.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ww11.saldobonus.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Mar 2023 08:11:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyQ8IBgE5emidmw1%2BDeepgMJRH%2BzJrgkUvzS58ZM3cmsqiujxvXPZ0drab89nv63T18XSiKdRtxgr543%2Bu0f1JCOMi%2BaZeiSo5355p2t%2BLO2pYZvrwrzszMxR%2FXfkJy4rDJpIAWwYm3gZLrfiUsN2EOSBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 81bca804ee7e4988-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 01 Nov 2023 18:52:23 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ww11.saldobonus.info/	1970-01-21 01:20:19	Name: sc_is_visitor_unique Value: rx12577135.1698259943.F569A7FB3E4B4F987D597155632FF864.1.1.1.1.1.1.1.1.1
.statcounter.com/	1970-01-21 01:20:19	Name: is_unique Value: sc12577135.1698259942.0
.statcounter.com/	1970-01-21 01:20:19	Name: is_visitor_unique Value: 1698259942359267375
.saldobonus.info/	1970-01-21 01:20:19	Name: _ga_DZF1C9VEBN Value: GS1.1.1698259943.1.0.1698259943.0.0.0
.saldobonus.info/	1970-01-21 01:20:19	Name: _ga Value: GA1.2.1498232176.1698259943
.saldobonus.info/	1970-01-20 15:45:46	Name: _gid Value: GA1.2.1729410162.1698259943
.saldobonus.info/	1970-01-20 15:44:20	Name: _gat_gtag_UA_158527556_1 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
c.statcounter.com
connect.facebook.net
fonts.bunny.net
s.w.org
ww11.saldobonus.info
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.statcounter.com
104.20.219.77
185.93.1.251
192.0.77.48
2606:4700:3034::ac43:d3cd
2606:4700:3035::6815:3b18
2607:f8b0:4004:c06::66
2607:f8b0:4004:c17::84
2607:f8b0:4004:c1b::61
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
03630897efef3e01ed63e648d67e1e6f8eca1600f975dd35d05165d3e963a713
04f521899c88110230e2d3d7e3c267eb0f98ff9ff36e6384128ddca06b622ede
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
1348bc40346c8c4c8d8657802f6d06e6fc73bad823a557dd34b06958342576ee
16b266773098f66019b109a45babe0fcf419f198b238ba50d2460894f82fb5a4
1e7bdc8396004931f9be64c3804be181e558a9b2f79ec63df2e6f17ed72f6979
27cf469f87ad6e1ac37c9457cbbc03c85b6fb1f1344fcaacfd6b6de06c68b2f2
28142709f6433eb46fea341fc6918ba757ddda174c1e08ae1928cc17f8857c16
34ea06a702ca0c8dca1cbded9ca33d3c60727ca5facc8339ba24f8c7a96a47c9
38da47503f5b568fecd1b37eaeac28c8b123f4fd7a5dd20f94f904a4429db324
3e5c83dcb2e295b8de312ef857e845f5c1b3849ffe6be62d3a5cc2041994e97e
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
459526fbdb95ecddfd698844a8ab041aa4771648e8a4a78096a3c5ff67f5cbe7
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fa646a4dbc10513ddeb70561789483638faf456e15186f4eb7291c5c455cbb6
525627c24500b011c1906d775dacd98078bf5f041d663f3ba2720a3f222878cb
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5528bf9d478d88306a5a018b256aa708478a1e35774717e844f6757a3c83902d
55f4f528f4c62e2c2b3f9e5b353deacf94182c35b3d36d4c6cea50dcfa95195f
57a4c6e36b955484a471c26d67d6b2e7e29ccd970481c79f8b57f9230943937c
5ae953134e452372275b8e76d2f46adf4a6bd708bfdb98d895b5b8f211f6b228
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
638b098f42b0e2d52caa0bae97b45873cd079c2bcf16290e248311a84939813c
67a14a59133ef972898d5049626e0cab88ee40943b2053934833afb49284c183
69b370daac3d8e9072abd9ea561dc4edd943925fef66055b3ec231d5d697f860
69f370353fef12fbaceef8e636067f722fec5761595ad354e6bcea5e07393f01
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
710ab540ce68325400e85da88234c8baf99554f15f91edfb35ff29e5c99473c0
7120f45f33c8c3f89f3fd5da4e2f2f4ff34cf6d1c125d793b22613c3c060a4bd
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
7c5fb004dbd53a61f51ad2a12c56e65a177d3bcd976eead6e00a94c6b4a718d0
7cc0872162dbb0bfe4cab7a86c52c7f44390087cd03f3f6bb2d92c7b5609af7d
7d805f0ad574ddc3a589025c043c156af29fc1023868da310774bde8388313a3
803fe2910be4aeedee6c95272808708078d356d52d61dd9cfb191ab60357c24e
850c1f9c148a5e6f4deb0f429cad86cdbff814e45c506207471ca002aff1e7ea
89864b29248f4755f3da345e7ccf8e23485ca568232e86f6c3f8bfd79e999f78
8d2eb8571d65cdacb301057c56eb5413752f7cf11f869d31eb6113702636781f
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c
9eb8d09282e625962caced51c19324f16a958430a5e486901f9b1ac9b5263e07
9ff8d07c178566c16c104558df34d63efb8f9de54384637bf9bf15f30ad9733e
a4807d3c9351eb03f03185d306318d3506dc81a9b5ffe0e662cc726a4521c0bb
a57443dd8e1b8182b7cb60b6100de1faa37a05ab92e6e7dcf22db546a96c4fad
afcb1f1bbb76b468244a07213dd6f73f30a961efc3ab764571d51de2fe26f5a6
b116f5518e9a58ecb4da0ae810a75f45d9ed51bcad85dcff4d77910a8cba599f
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
c1420246f643143a478eaab869d3e5f8caa9771a77b32c122801b35f0d2d9dbd
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c9f0036e5805aec5f9f0319cd14969262a93d9187fb8bbd36c2e19bcc1aa9d10
cc4d97df4e88d32e432905c78e5a247be13d5c3a48c56a563265a116a111cdda
cdfd5b05b341377c175228a22d5429d2b92590e365dff936f6ae7aea54faff7b
d5cac8aa4a0d91b6008b4e2ef0a6c1351fabd0d427305d711e9a61ae6031e569
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4684e104b0d16abc2faeaae93b0cabac2a5dff8571fa94143e2698180b3b586
e6e069719e5f6524f6a5b0902b653f8e577ec004cfa872574c4fc4a07c94b932
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
f1b1269be44fb4bb67f4f80242aa7795a04963e8794dba92ffe3bc6ddb33f5d3

ww11.saldobonus.info Open in urlscan Pro 2606:4700:3035::6815:3b18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

98 %HTTPS

70 %IPv6

9 Domains

10 Subdomains

10 IPs

2 Countries

5834 kBTransfer

6894 kBSize

7 Cookies

15 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ww11.saldobonus.info Open in urlscan Pro
2606:4700:3035::6815:3b18 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

98 %
HTTPS

70 %
IPv6

9
Domains

10
Subdomains

10
IPs

2
Countries

5834 kB
Transfer

6894 kB
Size

7
Cookies

57 HTTP transactions
1 data transactions