URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Submission: On July 29 via api from US — Scanned from DE

Summary

This website contacted 15 IPs in 4 countries across 15 domains to perform 24 HTTP transactions. The main IP is 94.130.71.117, located in Hoppegarten, Germany and belongs to HETZNER-AS, DE. The main domain is p8gib10pblogfc2com.free.bg.
This is the only time p8gib10pblogfc2com.free.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 94.130.71.117 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 104.21.35.86 13335 (CLOUDFLAR...)
1 94.23.165.213 16276 (OVH)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 172.67.184.147 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 91.197.230.16 204436 (KUALO-AS)
1 178.63.16.199 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2.19.224.115 16625 (AKAMAI-AS)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
24 15
Apex Domain
Subdomains
Transfer
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
350 KB
3 winudf.com
image.winudf.com — Cisco Umbrella Rank: 58205
388 KB
3 free.bg
p8gib10pblogfc2com.free.bg
131 KB
2 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 2760
628 B
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 130
173 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
5 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415
33 KB
1 slotopaint.com
slotopaint.com
183 KB
1 newonlineslots.com
www.newonlineslots.com
119 KB
1 casinoroam.com
casinoroam.com
71 KB
1 slotu.com
slotu.com
154 KB
1 pinimg.com
i.pinimg.com — Cisco Umbrella Rank: 2305
41 KB
1 gsdeluxe.com
www.gsdeluxe.com
347 KB
1 moneyreels.com
www.moneyreels.com
73 KB
0 Failed
24 15
Domain Requested by
5 www.googletagmanager.com p8gib10pblogfc2com.free.bg
3 image.winudf.com p8gib10pblogfc2com.free.bg
3 p8gib10pblogfc2com.free.bg p8gib10pblogfc2com.free.bg
2 s7.addthis.com 1 redirects p8gib10pblogfc2com.free.bg
2 pagead2.googlesyndication.com p8gib10pblogfc2com.free.bg
pagead2.googlesyndication.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 ajax.googleapis.com p8gib10pblogfc2com.free.bg
1 slotopaint.com p8gib10pblogfc2com.free.bg
1 www.newonlineslots.com p8gib10pblogfc2com.free.bg
1 casinoroam.com p8gib10pblogfc2com.free.bg
1 slotu.com p8gib10pblogfc2com.free.bg
1 i.pinimg.com p8gib10pblogfc2com.free.bg
1 www.gsdeluxe.com p8gib10pblogfc2com.free.bg
1 www.moneyreels.com p8gib10pblogfc2com.free.bg
0 91.215.152.128 Failed p8gib10pblogfc2com.free.bg
24 15

This site contains no links.

Subject | Issuer | Validity | Valid
*.g.doubleclick.net | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
winudf.com | GTS CA 1P5 | 2023-06-14 - 2023-09-12 | 3 months
moneyreels.com | E1 | 2023-07-11 - 2023-10-09 | 3 months
www.gsdeluxe.com | R3 | 2023-07-18 - 2023-10-16 | 3 months
i2.pinimg.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-05-03 - 2024-05-15 | a year
slotu.com | GTS CA 1P5 | 2023-07-03 - 2023-10-01 | 3 months
casinoroam.com | GTS CA 1P5 | 2023-06-09 - 2023-09-07 | 3 months
newonlineslots.com | cPanel, Inc. Certification Authority | 2023-07-09 - 2023-10-07 | 3 months
slotopaint.com | R3 | 2023-06-23 - 2023-09-21 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months

This page contains 2 frames:

Primary Page: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Frame ID: 40E76229569EF426E30671E66D82296B
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html
Frame ID: E1E9A2394C711CA36B3471EB01B9F991
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

79 %
HTTPS

50 %
IPv6

15
Domains

15
Subdomains

15
IPs

4
Countries

2069 kB
Transfer

3127 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
  • https://s7.addthis.com/js/300/addthis_widget.js

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request page-280-2024-02-14.html
p8gib10pblogfc2com.free.bg/slots-gratis/
31 KB
10 KB
Document
General
Full URL
http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
HTTP/1.1
Server
94.130.71.117 Hoppegarten, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
free.bg
Software
nginx /
Resource Hash
e2574287eedc091a28e5496cee612544a755ec91b56732b09f4f39d92a1e486a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 29 Jul 2023 21:02:06 GMT
ETag
W/"64aef508-7daf"
Expires
Sat, 29 Jul 2023 21:02:05 GMT
Last-Modified
Wed, 12 Jul 2023 18:46:32 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
bootstrap.min.css
p8gib10pblogfc2com.free.bg/css/
119 KB
120 KB
Stylesheet
General
Full URL
http://p8gib10pblogfc2com.free.bg/css/bootstrap.min.css
Requested by
Host: p8gib10pblogfc2com.free.bg
URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
HTTP/1.1
Server
94.130.71.117 Hoppegarten, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
free.bg
Software
nginx /
Resource Hash
77d6cef356868f46018abf1911b049186a3e4ca73b0f0cadf48033694324948c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 21:02:06 GMT
Last-Modified
Wed, 12 Jul 2023 18:44:39 GMT
Server
nginx
ETag
"64aef497-1dd48"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
122184
Expires
Sat, 29 Jul 2023 21:02:05 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679
Requested by
Host: p8gib10pblogfc2com.free.bg
URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1132d7dec9f62d9c6eab53aa62fa2cbb9673d7a14c3e6a19da280c3b20e883e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://p8gib10pblogfc2com.free.bg/
Origin
http://p8gib10pblogfc2com.free.bg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 21:02:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50511
x-xss-protection
0
server
cafe
etag
16099108214045863085
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 21:02:06 GMT
qwertymin.js
p8gib10pblogfc2com.free.bg/css/
1 KB
2 KB
Script
General
Full URL
http://p8gib10pblogfc2com.free.bg/css/qwertymin.js
Requested by
Host: p8gib10pblogfc2com.free.bg
URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
HTTP/1.1
Server
94.130.71.117 Hoppegarten, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
free.bg
Software
nginx /
Resource Hash
0ae5586d9890485b7d9cddaad714e8df68cb7abfd679402458149db9f38fdc42
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 21:02:06 GMT
Last-Modified
Wed, 12 Jul 2023 18:44:37 GMT
Server
nginx
ETag
"64aef495-555"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1365
Expires
Sat, 29 Jul 2023 21:02:05 GMT
screen-3.jpg
image.winudf.com/v2/image/Y29tLmRvb21zbG90cy5hbGljZXdvbmRlcmxhbmRfc2NyZWVuc2hvdHNfM19iNzNkZjFhMA/
87 KB
88 KB
Image
General
Full URL
https://image.winudf.com/v2/image/Y29tLmRvb21zbG90cy5hbGljZXdvbmRlcmxhbmRfc2NyZWVuc2hvdHNfM19iNzNkZjFhMA/screen-3.jpg?fakeurl=1&type=.jpg
Requested by
Host: p8gib10pblogfc2com.free.bg
URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9dd324f890fb25e9f326e8ba66ba2a2417b133458b0ba92857bcea199324e72
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://p8gib10pblogfc2com.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 21:02:08 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
content-length
89555
server
cloudflare
etag
e8163a3c
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxecP11MP31WNESvaUjuI8lU33L2kEstcA5CuWviEU%2Fq2lzW6dKaK2z4DUydN8jnLqtfAQBFkJXINsxlNeU3nqHUpVNYdaLq5GVZ8JB8net%2BjYMPZGfxJD%2FM%2BG%2BVuJbCNcGDjZqspk1A2GmdimI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ee84d0a5872047a-FRA
ALICEADVENTUREslot1.png
www.moneyreels.com/images/local/misc/
72 KB
73 KB
Image
General
Full URL
https://www.moneyreels.com/images/local/misc/ALICEADVENTUREslot1.png
Requested by
Host: p8gib10pblogfc2com.free.bg
URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.35.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf1d95fcffdeee4df5cce82220bb11a9a450e39a9a3749bace023a71d86ec449

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://p8gib10pblogfc2com.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 21:02:08 GMT
x-amz-version-id
AM1FOYFyd.mP7pOO.SzsYYLDtR6ZDIBB
via
1.1 0fd12a25ab67f5f967cfdd1e5752efd4.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9T7EFD0MH25Q83F8
x-amz-cf-pop
LHR62-C4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
74226
x-amz-id-2
vXivBqdHkS4n2Asz8tg7fRznmsM9UGA8yjRiITMSA5HQdI7k8uQoIsBo0bxAbMwm1YYvYZKTODw=
last-modified
Fri, 11 Jun 2021 12:22:52 GMT
server
cloudflare
etag
"472e69acc316b9d95de5bbbebd31d589"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhDTZmv2qMgfmA3BrsR4HpjLSVnqOcBw5ZfPtFtT96d86X%2FmDL2quVuyIqiX2sISRZ0%2F0jXsTTdp%2BGGN47JTkNnEmxXW%2Fjpx3seYufFfbsKbPVIvz6wEt%2BFQkjcwQ3Fjti3HLe8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7ee84d151f39bbad-FRA
x-amz-cf-id
spDvmZYRfHhCwHMCDRHhHfW5XNhrdbvJk_NlmzHRmnx4Ew1BVUxysg==
5_game_slide_5.png
www.gsdeluxe.com/var/globalslots/storage/images/games/slots/alice-in-wonderland/slides/5/4003-1-eng-US/
346 KB
347 KB
Image
General
Full URL
https://www.gsdeluxe.com/var/globalslots/storage/images/games/slots/alice-in-wonderland/slides/5/4003-1-eng-US/5_game_slide_5.png
Requested by
Host: p8gib10pblogfc2com.free.bg
URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.23.165.213 , Germany, ASN16276 (OVH, FR),
Reverse DNS
gsdeluxe.com
Software
nginx/1.6.2 /
Resource Hash
e9acb6a162f8254de1c32ee93793fb771cf30f0ad58d4cb532c495de7745d2a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://p8gib10pblogfc2com.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 21:02:08 GMT
Last-Modified
Sat, 31 Dec 2016 04:33:55 GMT
Server
nginx/1.6.2
ETag
"58673533-569b0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
354736
06810658e9fd0abdee9c83ee7eff6930--alice-in-wonderland-slot.jpg
i.pinimg.com/474x/06/81/06/
40 KB
41 KB
Image
General
Full URL
https://i.pinimg.com/474x/06/81/06/06810658e9fd0abdee9c83ee7eff6930--alice-in-wonderland-slot.jpg
Requested by
Host: p8gib10pblogfc2com.free.bg
URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d::210:f147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7957fd51113fb9bc7a993a778e83b0876b97af08ac44da7ad79892d55b503c48

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://p8gib10pblogfc2com.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cdn
akamai
akamai-grn
0.07f01002.1690664528.1d003310
etag
"d3825d2dadfcdf9d7d8802b2faebefeb"
vary
Origin
content-type
image/jpeg
cache-control
immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
41363
screen-20.jpg
image.winudf.com/v2/image/Y29tLmRvb21zbG90cy5hbGljZXdvbmRlcmxhbmRfc2NyZWVuc2hvdHNfMjJfNmI1YmY2ZWY/
144 KB
145 KB
Image
General
Full URL
https://image.winudf.com/v2/image/Y29tLmRvb21zbG90cy5hbGljZXdvbmRlcmxhbmRfc2NyZWVuc2hvdHNfMjJfNmI1YmY2ZWY/screen-20.jpg?h=710&fakeurl=1&type=.jpg
Requested by
Host: p8gib10pblogfc2com.free.bg
URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e59ae02152601a36112ad20b7d3ee68676af56cc31177058f52e98c43bb90b7b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://p8gib10pblogfc2com.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 21:02:08 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
130701
cf-polished
origSize=152154
x-cache
MISS
content-length
147576
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
44cf17fc
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKzqKXbo%2BvQncjDLZheMjYUJN5nxwU5ieqg8UvV4GTpWmD4WFyXk7VawDG1QcwlN2j5rKJni4gmLd3UburasWb9LC5cm%2BQaIVcYh8L9ZfRbkICQpKpL4rvYtfZt7GPMn9mZGtJKs9xY%2F2kYS%2BBU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ee84d18fc73047a-FRA
alice-in-wonderland_1.jpg
slotu.com/wp-content/uploads/2018/02/
154 KB
154 KB
Image
General
Full URL
https://slotu.com/wp-content/uploads/2018/02/alice-in-wonderland_1.jpg
Requested by
Host: p8gib10pblogfc2com.free.bg
URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.184.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
861289cef0eceb0d1dabc67357218faf4237ae917e37971ffbbcd81e1d2e4f47

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://p8gib10pblogfc2com.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 21:02:08 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Mar 2019 12:43:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEY9g%2BvE7P2Nu9ONLuplzn9sI%2FGsOrKTk5vdGlLo546yAHFQBWzCwzHIBcdbclWZSyin8aWir%2FlHI12CJxoluQsRDhbeALqsZ%2FT8EhoyH6OvbUOHYJsjkkW7ct4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=10368000
accept-ranges
bytes
cf-ray
7ee84d196f769962-FRA
alt-svc
h3=":443"; ma=86400
content-length
157346
expires
Sun, 26 Nov 2023 21:02:08 GMT
screen-9=x800.jpg
image.winudf.com/v1/image/Y29tLmRvb21zbG90cy5hbGljZXdvbmRlcmxhbmRfc2NyZWVuc2hvdHNfMTBfMjY5NGUyYmY/
154 KB
155 KB
Image
General
Full URL
https://image.winudf.com/v1/image/Y29tLmRvb21zbG90cy5hbGljZXdvbmRlcmxhbmRfc2NyZWVuc2hvdHNfMTBfMjY5NGUyYmY/screen-9=x800.jpg
Requested by
Host: p8gib10pblogfc2com.free.bg
URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901f17c61c877133e63f5aab85a5467f03a68a79a1a78058e2ede2e9119544ae
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://p8gib10pblogfc2com.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 21:02:08 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
130701
cf-polished
origSize=162512
x-cache
MISS
content-length
158171
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
79fe9067
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlBbjCxpc67P2ElDNeHFRiUtl3MW0WMkYwQzC5FyXjLrEQ5Bbwzv7QWwIIZSdItyX7xwXCBzuwxMIkAiHjNH1bA7CRotoYQWmyeo4CXT500uoYTUyZPKnMZiRIPQeOOfbHS1AicOc7%2BdNrZrUfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ee84d1a1e08047a-FRA
AliceInWonderland.jpg
casinoroam.com/wp-content/uploads/2020/05/
70 KB
71 KB
Image
General
Full URL
https://casinoroam.com/wp-content/uploads/2020/05/AliceInWonderland.jpg
Requested by
Host: p8gib10pblogfc2com.free.bg
URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cab7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b03d3281d6074fdac36695fdf1a21374597741b796f93af6546de63285355b86
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://p8gib10pblogfc2com.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 21:02:09 GMT
content-security-policy
frame-ancestors 'self';
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=86400
content-length
72136
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 06 May 2020 22:24:39 GMT
server
cloudflare
vary
User-Agent,User-Agent,Accept-Encoding,Accept
x-frame-options
SAMEORIGIN
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACUriZVydosqJa7exvqeV5JgIcuXoI6wli%2FrwDgRoelznrq9XZduuMmSTh7rBDHBbakJSTHYCqyt%2BoHcH4NoMxwrrrT0nhXGdQihMM2l7GYaceTjDzTPyS1YVIKJmJFYrYE1JEbj04jU90ImVA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7ee84d1a89341957-FRA
expires
Sun, 26 Nov 2023 21:02:09 GMT
alices-wonderland-ag-8_1.jpg
www.newonlineslots.com/images/slots/
119 KB
119 KB
Image
General
Full URL
https://www.newonlineslots.com/images/slots/alices-wonderland-ag-8_1.jpg
Requested by
Host: p8gib10pblogfc2com.free.bg
URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.197.230.16 , United Kingdom, ASN204436 (KUALO-AS, GB),
Reverse DNS
vps1.kimbon.com
Software
/ PHP/5.5.38
Resource Hash
9544aedf5bf0bb87a361d8301682594ab1c72546b9368a90e07201617d1acd87

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://p8gib10pblogfc2com.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires
Sat, 05 Aug 2023 21:02:09 GMT
date
Sat, 29 Jul 2023 21:02:09 GMT
cache-control
public, max-age=604800
last-modified
Sat, 22 Jul 2023 21:02:09 GMT
x-powered-by
PHP/5.5.38
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-type
image/jpeg
slide_Wonderland_2.jpg
slotopaint.com/wp-content/uploads/2016/05/
183 KB
183 KB
Image
General
Full URL
https://slotopaint.com/wp-content/uploads/2016/05/slide_Wonderland_2.jpg
Requested by
Host: p8gib10pblogfc2com.free.bg
URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.63.16.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
devv.com.ua
Software
nginx /
Resource Hash
d3969f56ad6182c3ca2af89dd099cfcc63d7c5b3435a776d8bd5f8a51940d080

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://p8gib10pblogfc2com.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 21:02:09 GMT
last-modified
Mon, 10 Oct 2016 16:06:19 GMT
server
nginx
etag
"2db37-53e84f0c4a3b2"
vary
Host
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
187191
expires
Sat, 26 Aug 2023 21:02:09 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: p8gib10pblogfc2com.free.bg
URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://p8gib10pblogfc2com.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 04:17:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 04:17:27 GMT
addthis_widget.js
s7.addthis.com/js/300/
Redirect Chain
  • http://s7.addthis.com/js/300/addthis_widget.js
  • https://s7.addthis.com/js/300/addthis_widget.js
56 B
361 B
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: p8gib10pblogfc2com.free.bg
URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
H2
Server
2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-224-115.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://p8gib10pblogfc2com.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 29 Jul 2023 21:02:06 GMT
server
Oracle API Gateway
opc-request-id
/E6B315BDE7810F2C21E6AB886AB10E40/FF0BD0F9AE12C51ED46E54A68E0B85E4
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block

Redirect headers

Date
Sat, 29 Jul 2023 21:02:06 GMT
Server
nginx/1.15.8
X-Distribution
99
Content-Type
text/html
Location
https://s7.addthis.com/js/300/addthis_widget.js
X-Host
s7.addthis.com
Connection
keep-alive
Content-Length
171
js
www.googletagmanager.com/gtag/
264 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WKKLPLJP3V
Requested by
Host: p8gib10pblogfc2com.free.bg
URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6a6fc7b0b42768ef444cdf8fdeb5bcdf7fbe3030012357c89d034e211e7ec313
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://p8gib10pblogfc2com.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 21:02:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89618
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 29 Jul 2023 21:02:09 GMT
js
www.googletagmanager.com/gtag/
244 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B29892VMGP
Requested by
Host: p8gib10pblogfc2com.free.bg
URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a376a75e46f12501a50492dd3bd11cd15bf51942cca3e70292d41e5b8022d38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://p8gib10pblogfc2com.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 21:02:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84987
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 29 Jul 2023 21:02:10 GMT
js
www.googletagmanager.com/gtag/
162 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-96521599-1
Requested by
Host: p8gib10pblogfc2com.free.bg
URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
730bfccae726fc3d7e17f4dff7e243c37489efc4e84fb6f4bd62ba881f8c162f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://p8gib10pblogfc2com.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 21:02:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
61135
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 29 Jul 2023 21:02:10 GMT
js
www.googletagmanager.com/gtag/
162 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-199856617-1
Requested by
Host: p8gib10pblogfc2com.free.bg
URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b6c61aa7d208584007043c2937a950a0f2a72ec4c34faa570081d15a04b42c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://p8gib10pblogfc2com.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 21:02:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
61087
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 29 Jul 2023 21:02:10 GMT
js
www.googletagmanager.com/gtag/
162 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-162690612-1
Requested by
Host: p8gib10pblogfc2com.free.bg
URL: http://p8gib10pblogfc2com.free.bg/slots-gratis/page-280-2024-02-14.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ff9e6fca5e1cfb2b03f01397902b65834a732b64cb8d30af1720592434399cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://p8gib10pblogfc2com.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 21:02:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
61083
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 29 Jul 2023 21:02:10 GMT
bronline
91.215.152.128/
0
0

show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/
361 KB
123 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=p8gib10pblogfc2com.free.bg&bust=31076544
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c33c66d7ef065dcd15f4ae7d87eebe537609d0454d34384fe8923cb6d094ab09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://p8gib10pblogfc2com.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 21:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126336
x-xss-protection
0
server
cafe
etag
10525478249903237232
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 21:02:10 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/ Frame E1E9
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://p8gib10pblogfc2com.free.bg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39433
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 10:04:53 GMT
etag
12368291122986407432
expires
Sat, 12 Aug 2023 10:04:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
91.215.152.128
URL
http://91.215.152.128/bronline?default_keyword=Slot+online+Alice+in+Wonderland

Verdicts & Comments

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
string| keyword
object| _0xdfb0
object| google_js_reporting_queue
number| google_srt
object| google_logging_queue
number| tmod
object| google_ad_modifications
object| ggeac
object| google_persistent_state_async
boolean| google_measure_js_timing
object| google_reactive_ads_global_state
object| adsbygoogle
object| google_sa_queue
function| google_process_slots
number| google_rum_task_id_counter
function| google_sa_impl

0 Cookies

2 Console Messages

Source Level URL
Text
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://91.215.152.128/bronline?default_keyword=Slot+online+Alice+in+Wonderland, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://91.215.152.128/bronline?default_keyword=Slot+online+Alice+in+Wonderland, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
