Submitted URL: https://gisel888.pro/
Effective URL: https://gisel88d.xyz/
Submission: On August 13 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 15 HTTP transactions. The main IP is 2606:4700:20::681a:b74, located in United States and belongs to CLOUDFLARENET, US. The main domain is gisel88d.xyz.
TLS certificate: Issued by WE1 on August 7th 2024. Valid for: 3 months.
This is the only time gisel88d.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.147.110 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 188.114.97.3 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 192.0.77.2 2635 (AUTOMATTIC)
1 172.67.72.210 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 216.22.21.83 30633 (LEASEWEB-...)
1 104.21.235.70 13335 (CLOUDFLAR...)
2 172.217.18.1 15169 (GOOGLE)
15 11
Apex Domain
Subdomains
Transfer
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 382
88 KB
2 tenor.com
media.tenor.com — Cisco Umbrella Rank: 8660
456 KB
2 gisel88d.xyz
gisel88d.xyz
9 KB
1 iili.io
iili.io — Cisco Umbrella Rank: 28319
163 KB
1 gifs.cc
www.gifs.cc
29 KB
1 flaticon.com
cdn-icons-png.flaticon.com — Cisco Umbrella Rank: 58646
12 KB
1 icon-icons.com
cdn.icon-icons.com — Cisco Umbrella Rank: 197981
3 KB
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 5176
161 KB
1 iss99.com
iss99.com
864 KB
1 gisel888.pro
gisel888.pro
477 B
15 10
Domain Requested by
5 cdn.ampproject.org gisel88d.xyz
cdn.ampproject.org
2 media.tenor.com gisel88d.xyz
2 gisel88d.xyz
1 iili.io gisel88d.xyz
1 www.gifs.cc gisel88d.xyz
1 cdn-icons-png.flaticon.com gisel88d.xyz
1 cdn.icon-icons.com gisel88d.xyz
1 i0.wp.com gisel88d.xyz
1 iss99.com gisel88d.xyz
1 gisel888.pro 1 redirects
15 10

This site contains links to these domains. Also see Links.

Domain
heylink.me
t.ly
Subject Issuer Validity Valid
gisel88d.xyz
WE1
2024-08-07 -
2024-11-05
3 months crt.sh
misc-sni.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
iss99.com
WE1
2024-06-20 -
2024-09-18
3 months crt.sh
c.tenor.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2023-11-28 -
2024-12-28
a year crt.sh
icon-icons.com
WE1
2024-06-18 -
2024-09-16
3 months crt.sh
*.flaticon.com
E5
2024-08-11 -
2024-11-09
3 months crt.sh
gifs.cc
Sectigo RSA Domain Validation Secure Server CA
2024-01-10 -
2025-02-09
a year crt.sh
iili.io
WE1
2024-07-30 -
2024-10-28
3 months crt.sh

This page contains 1 frames:

Primary Page: https://gisel88d.xyz/
Frame ID: 1EED01CC8BE9AEE0B4AD6C08910FA8E2
Requests: 19 HTTP requests in this frame

Screenshot

Page Title

GISEL88 | Situs Penyedia Pragmatic Play PG Soft Terpercayaa

Page URL History Show full URLs

  1. https://gisel888.pro/ HTTP 301
    https://gisel88d.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

15
Requests

100 %
HTTPS

36 %
IPv6

10
Domains

10
Subdomains

11
IPs

4
Countries

1785 kB
Transfer

2049 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gisel888.pro/ HTTP 301
    https://gisel88d.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gisel88d.xyz/
Redirect Chain
  • https://gisel888.pro/
  • https://gisel88d.xyz/
41 KB
8 KB
Document
General
Full URL
https://gisel88d.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbbc4f132f00dcd6e2bf5745c1e4dac6ba300a7ee36786a63b412add82d431f0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8b284e0ea8573655-FRA
content-encoding
br
content-type
text/html
date
Tue, 13 Aug 2024 11:18:31 GMT
last-modified
Fri, 09 Aug 2024 16:43:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DztTCynXtMvDUqbuog8KOZWKwcpHX9zmx2wJUWxQnEJrOkQDNlo5MyuP0KRhGsqqY5AUD650o8C5%2F46mj4SvKxaHzsHslU62PQbiojlEmBulxCYyVB6XVS%2F9%2B61Py2lWenCJC%2FuhHJXMyA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
8b284e0cec1f3a64-FRA
content-length
167
content-type
text/html
date
Tue, 13 Aug 2024 11:18:31 GMT
expires
Tue, 13 Aug 2024 12:18:31 GMT
location
https://gisel88d.xyz
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FUIuZigU1AfsYzutVEbCwMRAidPKN1cdgn5h3oZWrdgc7uzvqCgHHOYihKTsQd50%2Bg45DLGHA6kFPHnJARcFie6flRgbgEWTVc6zpIIMxZj9HeLrX0NR9WfbRXGPsNg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
v0.js
cdn.ampproject.org/
278 KB
72 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: gisel88d.xyz
URL: https://gisel88d.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gisel88d.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 11:18:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73122
x-xss-protection
0
server
sffe
etag
"2af4af216080b72b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Aug 2024 11:18:32 GMT
amp-anim-0.1.js
cdn.ampproject.org/v0/
6 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-anim-0.1.js
Requested by
Host: gisel88d.xyz
URL: https://gisel88d.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecc9a646c8fecfa4e12f32a06800977bd039ce2e91d1cc7c94b3c7b7b0999979
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gisel88d.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 11:18:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2467
x-xss-protection
0
server
sffe
etag
"5afdd0604fa01f3c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Aug 2024 11:18:32 GMT
amp-accordion-0.1.js
cdn.ampproject.org/v0/
17 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-accordion-0.1.js
Requested by
Host: gisel88d.xyz
URL: https://gisel88d.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cfee30ce3e55ce3054f711f54ad7627185998b731aea71f58fc61a2b51fe84c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gisel88d.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 11:18:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5823
x-xss-protection
0
server
sffe
etag
"3d8f5360088962a9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Aug 2024 11:18:32 GMT
bintangkecil.gif
iss99.com/assets/img/iss/
863 KB
864 KB
Image
General
Full URL
https://iss99.com/assets/img/iss/bintangkecil.gif
Requested by
Host: gisel88d.xyz
URL: https://gisel88d.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd9c1bd17d76563005266ea4f5f2b355b879e62d2588acff7a68a8d356c0590a

Request headers

Referer
https://gisel88d.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 11:18:32 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 02 Jun 2024 04:27:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"665bf4bc-d7d08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2se8G4c0Mud%2FA84XbGZL704iLbfYn%2FthuH%2BqATr8g%2B1ar7AzdvFB82cNihKq0XjNfwR%2BoGD1MQa8UOuiCOCB%2B6Vs7vqTRsfpqYkJiI4R7IihBowwNGeNjLj9FcE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b284e1379b59b95-FRA
alt-svc
h3=":443"; ma=86400
content-length
883976
truncated
/
84 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19b99560de03158412fa401973fd733cfa80aafd357ccabdb05a5dcdb6f3a63e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b8be744b610279e0c47e2d18b676979f5e3d2d3ff15a8fa417411dd10fd0bbb

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca6c3c5c8e1daefb217c253fda11ab0bddd7621911d4636f07ffe364f80dddb1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
slot-gacor.gif
media.tenor.com/4llyfetmS-wAAAAi/
30 KB
31 KB
Image
General
Full URL
https://media.tenor.com/4llyfetmS-wAAAAi/slot-gacor.gif
Requested by
Host: gisel88d.xyz
URL: https://gisel88d.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baba8b3ea26129762e784079f925faff138c930f55bfdbdf68edb8874c684c40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gisel88d.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:30:35 GMT
x-content-type-options
nosniff
age
56877
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-tenor-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30916
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 13:39:54 GMT
server
sffe
report-to
{"group":"media-tenor-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-tenor-team"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="media-tenor-team"
expires
Tue, 13 Aug 2024 19:30:35 GMT
cara-mudah-jp.jpg
i0.wp.com/128.199.74.222/wp-content/uploads/2024/02/
161 KB
161 KB
Image
General
Full URL
https://i0.wp.com/128.199.74.222/wp-content/uploads/2024/02/cara-mudah-jp.jpg
Requested by
Host: gisel88d.xyz
URL: https://gisel88d.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
e37e9b4e3b88d1fea2a5100d5aeb96fe93439d34a913f5e9c8a2531d56326255
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gisel88d.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 11:18:32 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
164522
x-nc
HIT ams 6
last-modified
Wed, 07 Aug 2024 19:43:33 GMT
server
nginx
etag
"6209e973e1197775"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://128.199.74.222/wp-content/uploads/2024/02/cara-mudah-jp.jpg>; rel="canonical"
expires
Sat, 08 Aug 2026 07:43:33 GMT
gift_icon_128853.png
cdn.icon-icons.com/icons2/2098/PNG/512/
3 KB
3 KB
Image
General
Full URL
https://cdn.icon-icons.com/icons2/2098/PNG/512/gift_icon_128853.png
Requested by
Host: gisel88d.xyz
URL: https://gisel88d.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.210 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
d152b9f42d60595c9f2b422140cc4eb426a827bbd2545f30f92a9847ed6821b4

Request headers

Referer
https://gisel88d.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 11:18:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
130752
cf-polished
origFmt=png, origSize=6125
x-powered-by
PleskLin
content-disposition
inline; filename="gift_icon_128853.webp"
alt-svc
h3=":443"; ma=86400
content-length
2958
cf-bgj
imgq:100,h2pri
last-modified
Wed, 18 Dec 2019 17:34:06 GMT
server
cloudflare
etag
"5dfa630e-17ed"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TAKISyBVTB18Q9pnOM9Uft%2FFGA2D6fNt0YS5ni7TfmG6EaULFGyip%2BZgdMdWqTBtI8xzrIecCMtvlE3rTiG%2Ba7LmJ0T%2BrnbGQMBoBQP0JL4dSvPb6uyq33qQDJVDetG5SnT7GA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8b284e154c8e905b-FRA
expires
Tue, 10 Sep 2024 22:59:20 GMT
5509636.png
cdn-icons-png.flaticon.com/512/5509/
11 KB
12 KB
Image
General
Full URL
https://cdn-icons-png.flaticon.com/512/5509/5509636.png
Requested by
Host: gisel88d.xyz
URL: https://gisel88d.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14c6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6e9b817bdecb985eb66d8933e60c40e33742378ba5b754e73e49fa22813e5ff1

Request headers

Referer
https://gisel88d.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 11:18:32 GMT
x-amz-meta-goog-reserved-file-mtime
1630302594
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
11574
pragma
public
last-modified
Tue, 19 Sep 2023 05:11:49 GMT
etag
"36158f0f433d348f9200b4c3cce59e1e"
vary
Accept-Encoding
x-goog-generation
1695100309517675
content-type
image/png
access-control-allow-origin
*
x-default-rule
YES
cache-control
public, max-age=31536000
x-goog-stored-content-length
11574
x-amz-checksum-crc32c
8KaPXQ==
accept-ranges
bytes
x-amz-meta-x-goog-reserved-source-generation
1635612249202437
expires
Tue, 13 Aug 2024 11:18:32 GMT
yellow-chrome-blink-home.gif
www.gifs.cc/home/
29 KB
29 KB
Image
General
Full URL
https://www.gifs.cc/home/yellow-chrome-blink-home.gif
Requested by
Host: gisel88d.xyz
URL: https://gisel88d.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.22.21.83 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
s60.prohostdirect.com
Software
LiteSpeed /
Resource Hash
92f910df6548bcb38bbbaf6791e33b2d488a61598d71922b1704119797e31b6d

Request headers

Referer
https://gisel88d.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 11:18:33 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
29906
expires
Thu, 12 Sep 2024 11:18:33 GMT
bonanza178-slot-gacor-slot-online---discover-%26-share-gifs.gif
media.tenor.com/IgWDHoSmY20AAAAj/
425 KB
426 KB
Image
General
Full URL
https://media.tenor.com/IgWDHoSmY20AAAAj/bonanza178-slot-gacor-slot-online---discover-%26-share-gifs.gif
Requested by
Host: gisel88d.xyz
URL: https://gisel88d.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4792de9c8480c6ba6969aa49ae8d8ec7290ed2998939ce5c884d862d32b9a38b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gisel88d.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:30:35 GMT
x-content-type-options
nosniff
age
56877
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-tenor-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
435639
x-xss-protection
0
last-modified
Sun, 19 Nov 2023 04:40:22 GMT
server
sffe
report-to
{"group":"media-tenor-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-tenor-team"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="media-tenor-team"
expires
Tue, 13 Aug 2024 19:30:35 GMT
JaP5Tyg.gif
iili.io/
162 KB
163 KB
Image
General
Full URL
https://iili.io/JaP5Tyg.gif
Requested by
Host: gisel88d.xyz
URL: https://gisel88d.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
889142d2506b43c099d2a59afe6322756f11126e63b53fcffafbe2068df08369

Request headers

Referer
https://gisel88d.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 11:18:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
130752
alt-svc
h3=":443"; ma=86400
content-length
166309
last-modified
Tue, 23 Jan 2024 12:04:02 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pm5t7GBr9KtAygVabvo2Xydo5yUAcKOA7%2BW0qjimdDTDLGFGgKI9BFXZOj%2FyNcCILVaTyW%2BgXCgSJFSdTZnJ6VItVeu9PL2lu4DEyawT%2FlUHdA%2Bwgmm0Q%2F9i"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8b284e15486fbbf5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012406131415000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012406131415000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gisel88d.xyz/
Origin
https://gisel88d.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 06 Aug 2024 15:06:09 GMT
age
591143
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2974
x-xss-protection
0
server
sffe
etag
"3bb766b5672b9f2f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Aug 2025 15:06:09 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012406131415000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012406131415000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gisel88d.xyz/
Origin
https://gisel88d.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 07 Aug 2024 12:01:58 GMT
age
515794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3935
x-xss-protection
0
server
sffe
etag
"db107aa2d6068f23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 07 Aug 2025 12:01:58 GMT
favicon.ico
gisel88d.xyz/
1 KB
996 B
Other
General
Full URL
https://gisel88d.xyz/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

Referer
https://gisel88d.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 11:18:34 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2BFdZz1%2BTVDZfc9WCoZpUeePIVyN4sexadL3M7IdBZP8yniCAWsWkyJQxFGyQbkDt1hJ2YBKk6uWVLb3AmR5cXyIhvWfNwhv9EbbDCt0hJAhGkN0I3fJ2DQoYcfyTg9JCLmCZKzxatMR7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
8b284e1d2a453655-FRA

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://gisel88d.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-icons-png.flaticon.com
cdn.ampproject.org
cdn.icon-icons.com
gisel888.pro
gisel88d.xyz
i0.wp.com
iili.io
iss99.com
media.tenor.com
www.gifs.cc
104.21.235.70
172.217.18.1
172.67.147.110
172.67.72.210
188.114.97.3
192.0.77.2
216.22.21.83
2606:4700:20::681a:b74
2a00:1450:4001:80b::2001
2a00:1450:4001:828::200a
2a02:26f0:3500:11::215:14c6
08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de
19b99560de03158412fa401973fd733cfa80aafd357ccabdb05a5dcdb6f3a63e
416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d
4792de9c8480c6ba6969aa49ae8d8ec7290ed2998939ce5c884d862d32b9a38b
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
6cfee30ce3e55ce3054f711f54ad7627185998b731aea71f58fc61a2b51fe84c
6e9b817bdecb985eb66d8933e60c40e33742378ba5b754e73e49fa22813e5ff1
889142d2506b43c099d2a59afe6322756f11126e63b53fcffafbe2068df08369
8b8be744b610279e0c47e2d18b676979f5e3d2d3ff15a8fa417411dd10fd0bbb
92f910df6548bcb38bbbaf6791e33b2d488a61598d71922b1704119797e31b6d
baba8b3ea26129762e784079f925faff138c930f55bfdbdf68edb8874c684c40
ca6c3c5c8e1daefb217c253fda11ab0bddd7621911d4636f07ffe364f80dddb1
d152b9f42d60595c9f2b422140cc4eb426a827bbd2545f30f92a9847ed6821b4
e37e9b4e3b88d1fea2a5100d5aeb96fe93439d34a913f5e9c8a2531d56326255
e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353
ecc9a646c8fecfa4e12f32a06800977bd039ce2e91d1cc7c94b3c7b7b0999979
fbbc4f132f00dcd6e2bf5745c1e4dac6ba300a7ee36786a63b412add82d431f0
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457
fd9c1bd17d76563005266ea4f5f2b355b879e62d2588acff7a68a8d356c0590a