hmoetaikenblogfc2com.free.bg Open in urlscan Pro
94.130.71.117 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html
Submission: On November 28 via api (November 28th 2023, 10:59:17 am UTC) from US — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 15 domains to perform 24 HTTP transactions. The main IP is 94.130.71.117, located in Heide, Germany and belongs to HETZNER-AS, DE. The main domain is hmoetaikenblogfc2com.free.bg.

This is the only time hmoetaikenblogfc2com.free.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	94.130.71.117 94.130.71.117	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::ac43:93b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::2016	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:8d::84 2a04:4e42:8d::84	54113 (FASTLY) (FASTLY)
1	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2606:4700:20:... 2606:4700:20::ac43:4705	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:310... 2606:4700:3108::ac42:28e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	141.193.213.11 141.193.213.11	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1 2	23.45.238.53 23.45.238.53	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
24	15

3 94.130.71.117 (Heide, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: free.bg

hmoetaikenblogfc2com.free.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

tragamonedasx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:93b7 (United States)

ASN13335 (CLOUDFLARENET, US)

media.metropolitant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8d::84 (United States)

ASN54113 (FASTLY, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

www-knowyourslots-com.exactdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4705 (United States)

ASN13335 (CLOUDFLARENET, US)

slotcatalog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:28e5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.slotsup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

nodepositbonuscasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.238.53 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-238-53.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	369 KB
3	free.bg hmoetaikenblogfc2com.free.bg	132 KB
2	addthis.com 1 redirects s7.addthis.com — Cisco Umbrella Rank: 3240	628 B
2	pinimg.com i.pinimg.com — Cisco Umbrella Rank: 1904	337 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	254 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97	186 KB
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	4 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364	33 KB
1	nodepositbonuscasino.com nodepositbonuscasino.com	86 KB
1	slotsup.com www.slotsup.com	248 KB
1	slotcatalog.com slotcatalog.com	400 KB
1	exactdn.com www-knowyourslots-com.exactdn.com	39 KB
1	metropolitant.com media.metropolitant.com	2 MB
1	tragamonedasx.com tragamonedasx.com	127 KB
0	Failed function sub() { [native code] }. Failed
24	15

	Domain	Requested by
5	www.googletagmanager.com	hmoetaikenblogfc2com.free.bg
3	hmoetaikenblogfc2com.free.bg	hmoetaikenblogfc2com.free.bg
2	s7.addthis.com	1 redirects hmoetaikenblogfc2com.free.bg
2	i.pinimg.com	hmoetaikenblogfc2com.free.bg
2	i.ytimg.com	hmoetaikenblogfc2com.free.bg
2	pagead2.googlesyndication.com	hmoetaikenblogfc2com.free.bg pagead2.googlesyndication.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	ajax.googleapis.com	hmoetaikenblogfc2com.free.bg
1	nodepositbonuscasino.com	hmoetaikenblogfc2com.free.bg
1	www.slotsup.com	hmoetaikenblogfc2com.free.bg
1	slotcatalog.com	hmoetaikenblogfc2com.free.bg
1	www-knowyourslots-com.exactdn.com	hmoetaikenblogfc2com.free.bg
1	media.metropolitant.com	hmoetaikenblogfc2com.free.bg
1	tragamonedasx.com	hmoetaikenblogfc2com.free.bg
0	91.215.152.128 Failed	hmoetaikenblogfc2com.free.bg
24	15

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tragamonedasx.com E1	`2023-11-07` - `2024-02-05`	3 months	crt.sh
metropolitant.com GTS CA 1P5	`2023-10-28` - `2024-01-26`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
*.exactdn.com R3	`2023-11-10` - `2024-02-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-17` - `2024-05-16`	a year	crt.sh
slotsup.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
nodepositbonuscasino.com E1	`2023-10-09` - `2024-01-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html
Frame ID: 216563A1FF58CB3AC6547D40D7C67FF1
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 7BDF0233347153BF1170068E92F1A430
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

79 %
HTTPS

79 %
IPv6

15
Domains

15
Subdomains

15
IPs

2
Countries

3934 kB
Transfer

5061 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request page-298-2024-01-19.html Show response
hmoetaikenblogfc2com.free.bg/jogos-gratis/ 32 KB
10 KB 67ms
27ms Document
text/html 94.130.71.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html

Protocol

HTTP/1.1

Server

94.130.71.117 Heide, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

free.bg

Software

nginx /

Resource Hash

92c3db6b0a03127df68585891ea06341fc423244b5e932eb3bf7544688c7a88c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 28 Nov 2023 10:58:37 GMT
ETag: W/"64af02a5-7e59"
Expires: Tue, 28 Nov 2023 10:58:36 GMT
Last-Modified: Wed, 12 Jul 2023 19:44:37 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK bootstrap.min.css
hmoetaikenblogfc2com.free.bg/css/ 119 KB
120 KB 26ms
25ms Stylesheet
text/css 94.130.71.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://hmoetaikenblogfc2com.free.bg/css/bootstrap.min.css

Requested by

Host: hmoetaikenblogfc2com.free.bg
URL: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html

Protocol

HTTP/1.1

Server

94.130.71.117 Heide, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

free.bg

Software

nginx /

Resource Hash

77d6cef356868f46018abf1911b049186a3e4ca73b0f0cadf48033694324948c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 10:58:37 GMT
Last-Modified: Wed, 12 Jul 2023 19:44:21 GMT
Server: nginx
ETag: "64af0295-1dd48"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 122184
Expires: Tue, 28 Nov 2023 10:58:36 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
52 KB 123ms
72ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679

Requested by

Host: hmoetaikenblogfc2com.free.bg
URL: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d91ab47453f27972e7c3073579d2f958ccf63c116240f1db45a1cd5e516d563b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hmoetaikenblogfc2com.free.bg/
Origin: http://hmoetaikenblogfc2com.free.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:58:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52744
x-xss-protection: 0
server: cafe
etag: 17721840991085638369
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 10:58:37 GMT

GET
H/1.1 200
OK qwertymin.js Show response
hmoetaikenblogfc2com.free.bg/css/ 1 KB
2 KB 53ms
26ms Script
application/javascript 94.130.71.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://hmoetaikenblogfc2com.free.bg/css/qwertymin.js

Requested by

Host: hmoetaikenblogfc2com.free.bg
URL: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html

Protocol

HTTP/1.1

Server

94.130.71.117 Heide, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

free.bg

Software

nginx /

Resource Hash

0ae5586d9890485b7d9cddaad714e8df68cb7abfd679402458149db9f38fdc42

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 10:58:37 GMT
Last-Modified: Wed, 12 Jul 2023 19:44:20 GMT
Server: nginx
ETag: "64af0294-555"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1365
Expires: Tue, 28 Nov 2023 10:58:36 GMT

GET
H2 200 sizzling-hot-deluxe-tragamonedas.jpg
tragamonedasx.com/wp-content/uploads/sites/10040/2015/01/ 126 KB
127 KB 120ms
62ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tragamonedasx.com/wp-content/uploads/sites/10040/2015/01/sizzling-hot-deluxe-tragamonedas.jpg
Requested by: Host: hmoetaikenblogfc2com.free.bg
URL: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbe084bc8ce71c8302c01ed9fbcd6873c531449fe23882562edeaa6c17022869

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hmoetaikenblogfc2com.free.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:58:37 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 128873
last-modified: Wed, 13 Sep 2023 09:31:34 GMT
server: cloudflare
etag: "65018176-1f769"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzdFIlLj2%2FK7Q8%2FnLKTZVoAXTa8goLXpbq45ddqzJWUfgPrL6cJGrR1MZ4COT50erHu%2B4YEurE5tioEY7qn0qKVY8Qrdv7VrTyOhpFVrxsT0mA2tTFMNtJSBpiO%2FAIth803IeizM4oNUYPJFg1PTnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82d218ca0c5a3a4f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Screenshot-2019-01-08-at-5.20.22-AM.png
media.metropolitant.com/uploads/2019/01/ 2 MB
2 MB 821ms
758ms Image
image/png 2606:4700:3034::ac43:93b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.metropolitant.com/uploads/2019/01/Screenshot-2019-01-08-at-5.20.22-AM.png
Requested by: Host: hmoetaikenblogfc2com.free.bg
URL: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:93b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1310aa3b810a5dcc75e721abb3f5dd13de13bc1fc46d96744a522308e94c1f40

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hmoetaikenblogfc2com.free.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:58:38 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3G0RH227NJ932A80
x-amz-storage-class: STANDARD_IA
alt-svc: h3=":443"; ma=86400
content-length: 1756999
x-amz-id-2: jSnQfCUFCU9CfWmU7ZeUnvnQYwKD2QxGBRln5L1d9c9vODdIT60tvkx79hqYNR51OMqDuE+1DZY=
last-modified: Mon, 07 Jan 2019 21:20:51 GMT
server: cloudflare
etag: "276bbd22e1a46c5a503d9ff63e6f59e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phgUmFK0AvHe6q0kXNk3O1s3C2j2xHK7Hi%2Br3f1eFeAiKA41X4kf3ae8%2Bra53MHvQGf%2BRpwLnmI5QnhUcNx9uiAD%2FI2hPPS6m98gpQGKsrI96bDP%2FpAVdHTTVRmQwSYahHW%2BwaWIdIjJGTKcB%2FO%2FkoHLZqXJgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82d218ca08f31907-FRA
expires: Tue, 07 Jan 2020 21:10:21 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/tBLtGSBgWuQ/ 90 KB
90 KB 128ms
77ms Image
image/jpeg 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/tBLtGSBgWuQ/maxresdefault.jpg

Requested by

Host: hmoetaikenblogfc2com.free.bg
URL: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfa7022ea63efeb02a9f43c35d0b87306ff9810a3a6be10cb4fa8224121ccf90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hmoetaikenblogfc2com.free.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:58:37 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91868
x-xss-protection: 0
server: sffe
etag: "1553102052"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Nov 2023 12:58:37 GMT

GET
H2 200 146976e6082bb41c3960a436a4e9c662.png
i.pinimg.com/originals/14/69/76/ 204 KB
204 KB 68ms
23ms Image
image/png 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/14/69/76/146976e6082bb41c3960a436a4e9c662.png
Requested by: Host: hmoetaikenblogfc2com.free.bg
URL: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9a694bc78f0417524dff986d1daffd2abb679e472d2aced6caf7a9586d2494f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hmoetaikenblogfc2com.free.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:58:38 GMT
x-cdn: fastly
etag: "c996d50ca5f4d217e5ca4f8fde5f3d47"
vary: Origin
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443";ma=600
content-length: 208612

GET
H2 200 its-magic-amber-bet-panel.jpg
www-knowyourslots-com.exactdn.com/wp-content/uploads/2019/11/ 39 KB
39 KB 163ms
41ms Image
image/webp 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-knowyourslots-com.exactdn.com/wp-content/uploads/2019/11/its-magic-amber-bet-panel.jpg?strip=all&lossy=1&resize=810%2C510&ssl=1

Requested by

Host: hmoetaikenblogfc2com.free.bg
URL: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

9dbb1d21bb124f474df00149a48b7bda3471e51c4f7ede19384c26cd19f1915f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hmoetaikenblogfc2com.free.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Thu, 21 Nov 2024 02:35:18 GMT
date: Tue, 28 Nov 2023 10:58:38 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/22/2023 02:35:18
cdn-pullzone: 101995
content-length: 39512
last-modified: Wed, 22 Nov 2023 02:35:17 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: d81532a4e787d67b75898151b193ba20
link: <https://www.knowyourslots.com/wp-content/uploads/2019/11/its-magic-amber-bet-panel.jpg>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/Ic930hXhOFM/ 163 KB
163 KB 74ms
74ms Image
image/jpeg 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Ic930hXhOFM/maxresdefault.jpg

Requested by

Host: hmoetaikenblogfc2com.free.bg
URL: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1543b524292d9757463c979c698cda5a8f2df2aa18258c09acf62e08893c8fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hmoetaikenblogfc2com.free.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:58:39 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167076
x-xss-protection: 0
server: sffe
etag: "1564675756"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Nov 2023 12:58:39 GMT

GET
H2 200 Amber-sky-3.jpg
slotcatalog.com/userfiles/image/games/IGT/10235/ 399 KB
400 KB 326ms
270ms Image
image/jpeg 2606:4700:20::ac43:4705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://slotcatalog.com/userfiles/image/games/IGT/10235/Amber-sky-3.jpg

Requested by

Host: hmoetaikenblogfc2com.free.bg
URL: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78ba05065612d2efec1aa8ae7c2bc03f6e3efc394e86ffa8f3296c1eda433be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hmoetaikenblogfc2com.free.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:58:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000a0cf3fe8099ee333-006565c7df-bc9d9e0d-fra1b
x-envoy-upstream-healthchecked-cluster
x-amz-storage-class: STANDARD
alt-svc: h3=":443"; ma=86400
content-length: 408829
last-modified: Thu, 28 Jan 2021 04:37:45 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:b7cc4cd447b699c843e5881b100c01c4
etag: "b7cc4cd447b699c843e5881b100c01c4"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mK0EwGFUMmpcFk0dOtRGKk8uiEMXzhdpKwKR%2FmnY6MEl2JobW7q8a%2FxRJTp57TSghCZy%2BlEO2JqiaIlrU8C0Tzb4hSEc1hMne1LoWlByZ9nWvm0kB3S7A%2FBgo%2FwVUvMyyJBEGoOm%2F8gy97oQ2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-rgw-object-type: Normal
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 82d218d3eb3b9c12-FRA

GET
H2 200 108-heroes-microgaming-casino-slots.png
www.slotsup.com/wp-content/uploads/default/ 248 KB
248 KB 311ms
253ms Image
image/png 2606:4700:3108::ac42:28e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.slotsup.com/wp-content/uploads/default/108-heroes-microgaming-casino-slots.png

Requested by

Host: hmoetaikenblogfc2com.free.bg
URL: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c06e40c8f62ac3adcb5ce29ebc73da0444418b2e7f7d41601fa1c47d29a77700

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hmoetaikenblogfc2com.free.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:58:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sun, 20 Aug 2017 12:17:08 GMT
server: cloudflare
etag: "59997dc4-3dfcf"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82d218d6592a9b6e-FRA
content-length: 253903
expires: Mon, 26 Feb 2024 10:58:39 GMT

GET
H2 200 a2d8b8abec678e274409a466c5ba8729.jpg
i.pinimg.com/originals/a2/d8/b8/ 133 KB
133 KB 230ms
230ms Image
image/jpeg 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/a2/d8/b8/a2d8b8abec678e274409a466c5ba8729.jpg
Requested by: Host: hmoetaikenblogfc2com.free.bg
URL: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7fd04bab9d5f117b71e8e2b8c1887f3ff9694d56175de1361ded93ad915b3625

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hmoetaikenblogfc2com.free.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:58:40 GMT
x-cdn: fastly
etag: "10115d517545310843f7f4659ea63cb4"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443";ma=600
content-length: 135833

GET
H2 200 onlineslotsukmobile.png
nodepositbonuscasino.com/wp-content/uploads/2020/07/ 85 KB
86 KB 604ms
545ms Image
image/png 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nodepositbonuscasino.com/wp-content/uploads/2020/07/onlineslotsukmobile.png

Requested by

Host: hmoetaikenblogfc2com.free.bg
URL: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

264dc1a521c121962a693e7af4473e187667e4c665b779de394fe6c2cb8cea66

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hmoetaikenblogfc2com.free.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:58:40 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: MISS
last-modified: Mon, 13 Sep 2021 16:34:56 GMT
server: cloudflare
etag: "613f7db0-1550f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 82d218daded49bb9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 87311

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 68ms
21ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: hmoetaikenblogfc2com.free.bg
URL: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hmoetaikenblogfc2com.free.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 08:17:13 GMT

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

56 B
361 B

110ms
31ms

Script
text/javascript

23.45.238.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: hmoetaikenblogfc2com.free.bg
URL: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html

Protocol

Server

23.45.238.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-238-53.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hmoetaikenblogfc2com.free.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Nov 2023 10:58:38 GMT
server: Oracle API Gateway
opc-request-id: /01549D88367FEDD7C5A4783D5E3D23C2/0D9F970A614A2A7E8262776BE8D30EA7
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

Redirect headers

Date: Tue, 28 Nov 2023 10:58:38 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 93ms
37ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WKKLPLJP3V

Requested by

Host: hmoetaikenblogfc2com.free.bg
URL: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10ab3c3c0927ab4a5e0ade9eab8f4cbb9d0cc39493e45cfe26991addfa646433

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hmoetaikenblogfc2com.free.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:58:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93581
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 10:58:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
88 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B29892VMGP

Requested by

Host: hmoetaikenblogfc2com.free.bg
URL: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9713b8ba65cb982c93cc8b2ec09d10f32086e9d709a1c382c8bf5f9d03745898

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hmoetaikenblogfc2com.free.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:58:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89707
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 10:58:41 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-96521599-1

Requested by

Host: hmoetaikenblogfc2com.free.bg
URL: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5940e278364436f4abd593b40eb2de8aac18d14f02a4e25288405380a4da4754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hmoetaikenblogfc2com.free.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:58:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64635
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Nov 2023 10:58:41 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-199856617-1

Requested by

Host: hmoetaikenblogfc2com.free.bg
URL: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0de8dc544077faf540a1602b23ed1e0eb44a278ea69732fba46880be0baa305b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hmoetaikenblogfc2com.free.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:58:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64669
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Nov 2023 10:58:41 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162690612-1

Requested by

Host: hmoetaikenblogfc2com.free.bg
URL: http://hmoetaikenblogfc2com.free.bg/jogos-gratis/page-298-2024-01-19.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d38e8094d89f3bf98aa382fd0a9621452ccf24dac4f619cc6ec223f8f2b1238

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hmoetaikenblogfc2com.free.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:58:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64666
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Nov 2023 10:58:41 GMT

GET bronline
91.215.152.128/ 0
0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/ 397 KB
134 KB 121ms
79ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=hmoetaikenblogfc2com.free.bg&bust=31079756

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f89fcf0eed08dc7dbb9d15a71877de819ca30df8d424f270aff8498995de8168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hmoetaikenblogfc2com.free.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137290
x-xss-protection: 0
server: cafe
etag: 16324767661406054607
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 10:58:41 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 7BDF 9 KB
4 KB 72ms
21ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hmoetaikenblogfc2com.free.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6942
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 09:02:55 GMT
etag: 16674218716276178799
expires: Tue, 12 Dec 2023 09:02:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 91.215.152.128
URL: http://91.215.152.128/bronline?default_keyword=Slots+de+bonus+gratuitos+Amber+Sky

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nodepositbonuscasino.com/	1970-01-20 16:32:50	Name: __cf_bm Value: 3_mTvjQ6mtmq046gXfcqegqLRfCbiSz3hJPEF6JBzfU-1701169120-0-AeLNdhbZqBVYRLRDVP9Ir4wCINWh6qBAOl9lkCfFhRH1qTsVCJYiFir8/V4Le8xg3Medmc6nTeB6ezjBgBVXSCc=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://91.215.152.128/bronline?default_keyword=Slots+de+bonus+gratuitos+Amber+Sky, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://91.215.152.128/bronline?default_keyword=Slots+de+bonus+gratuitos+Amber+Sky, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

91.215.152.128
ajax.googleapis.com
googleads.g.doubleclick.net
hmoetaikenblogfc2com.free.bg
i.pinimg.com
i.ytimg.com
media.metropolitant.com
nodepositbonuscasino.com
pagead2.googlesyndication.com
s7.addthis.com
slotcatalog.com
tragamonedasx.com
www-knowyourslots-com.exactdn.com
www.googletagmanager.com
www.slotsup.com
91.215.152.128
141.193.213.11
23.45.238.53
2400:52e0:1e00::1080:1
2606:4700:20::ac43:4705
2606:4700:3034::ac43:93b7
2606:4700:3108::ac42:28e5
2a00:1450:4001:810::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::2016
2a00:1450:4001:828::2002
2a00:1450:4001:82b::200a
2a04:4e42:8d::84
2a06:98c1:3121::3
94.130.71.117
0ae5586d9890485b7d9cddaad714e8df68cb7abfd679402458149db9f38fdc42
0de8dc544077faf540a1602b23ed1e0eb44a278ea69732fba46880be0baa305b
10ab3c3c0927ab4a5e0ade9eab8f4cbb9d0cc39493e45cfe26991addfa646433
1310aa3b810a5dcc75e721abb3f5dd13de13bc1fc46d96744a522308e94c1f40
264dc1a521c121962a693e7af4473e187667e4c665b779de394fe6c2cb8cea66
2d38e8094d89f3bf98aa382fd0a9621452ccf24dac4f619cc6ec223f8f2b1238
5940e278364436f4abd593b40eb2de8aac18d14f02a4e25288405380a4da4754
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
77d6cef356868f46018abf1911b049186a3e4ca73b0f0cadf48033694324948c
78ba05065612d2efec1aa8ae7c2bc03f6e3efc394e86ffa8f3296c1eda433be2
7fd04bab9d5f117b71e8e2b8c1887f3ff9694d56175de1361ded93ad915b3625
92c3db6b0a03127df68585891ea06341fc423244b5e932eb3bf7544688c7a88c
9713b8ba65cb982c93cc8b2ec09d10f32086e9d709a1c382c8bf5f9d03745898
9a694bc78f0417524dff986d1daffd2abb679e472d2aced6caf7a9586d2494f5
9dbb1d21bb124f474df00149a48b7bda3471e51c4f7ede19384c26cd19f1915f
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bfa7022ea63efeb02a9f43c35d0b87306ff9810a3a6be10cb4fa8224121ccf90
c06e40c8f62ac3adcb5ce29ebc73da0444418b2e7f7d41601fa1c47d29a77700
cbe084bc8ce71c8302c01ed9fbcd6873c531449fe23882562edeaa6c17022869
d91ab47453f27972e7c3073579d2f958ccf63c116240f1db45a1cd5e516d563b
f1543b524292d9757463c979c698cda5a8f2df2aa18258c09acf62e08893c8fe
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f89fcf0eed08dc7dbb9d15a71877de819ca30df8d424f270aff8498995de8168

hmoetaikenblogfc2com.free.bg Open in urlscan Pro 94.130.71.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

24 Requests

79 %HTTPS

79 %IPv6

15 Domains

15 Subdomains

15 IPs

2 Countries

3934 kBTransfer

5061 kBSize

1 Cookies

0 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

1 Cookies

2 Console Messages

Security Headers

Indicators

hmoetaikenblogfc2com.free.bg Open in urlscan Pro
94.130.71.117 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

79 %
HTTPS

79 %
IPv6

15
Domains

15
Subdomains

15
IPs

2
Countries

3934 kB
Transfer

5061 kB
Size

1
Cookies

24 HTTP transactions
0 data transactions