urlscan.io logo urlscan.io
SecurityTrails logo

www.fredplayspoker.com Open in urlscan Pro
2606:4700:3031::ac43:a556  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fredplayspoker.com/
Effective URL: https://www.fredplayspoker.com/
Submission: On May 07 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3031::ac43:a556, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.fredplayspoker.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 26th 2023. Valid for: a year.
This is the only time www.fredplayspoker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2600:1f13:393:63f:e2fe:15a2:b5f1:fde0 (Boardman, United States)

ASN16509 (AMAZON-02, US)
fredplayspoker.com
10    2606:4700:3031::ac43:a556 (United States)

ASN13335 (CLOUDFLARENET, US)
www.fredplayspoker.com
3    2606:4700:3033::ac43:903e (United States)

ASN13335 (CLOUDFLARENET, US)
privacy.gatekeeperconsent.com
the.gatekeeperconsent.com
gvl.gatekeeperconsent.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2606:4700:e2::ac40:8817 (United States)

ASN13335 (CLOUDFLARENET, US)
ezodn.com
g.ezodn.com
1    192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org
s.w.org
2    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
11 fredplayspoker.com
fredplayspoker.com
www.fredplayspoker.com
96 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
region1.google-analytics.com — Cisco Umbrella Rank: 2587
21 KB
3 gatekeeperconsent.com
privacy.gatekeeperconsent.com — Cisco Umbrella Rank: 56366
the.gatekeeperconsent.com — Cisco Umbrella Rank: 60704
gvl.gatekeeperconsent.com — Cisco Umbrella Rank: 62713
141 KB
2 ezodn.com
ezodn.com — Cisco Umbrella Rank: 8059
g.ezodn.com — Cisco Umbrella Rank: 10344
3 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 94
166 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
129 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
5 KB
1 w.org
s.w.org — Cisco Umbrella Rank: 1834
1 KB
24 8
Domain Requested by
10 www.fredplayspoker.com www.fredplayspoker.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 pagead2.googlesyndication.com www.fredplayspoker.com
pagead2.googlesyndication.com
2 www.googletagmanager.com www.fredplayspoker.com
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 gvl.gatekeeperconsent.com the.gatekeeperconsent.com
1 s.w.org www.fredplayspoker.com
1 g.ezodn.com www.fredplayspoker.com
1 the.gatekeeperconsent.com www.fredplayspoker.com
1 ezodn.com www.fredplayspoker.com
1 privacy.gatekeeperconsent.com www.fredplayspoker.com
1 fredplayspoker.com 1 redirects
24 13

This site contains links to these domains. Also see Links.

Domain
www.videopoker.com
www.paypal.com
www.monke.clothing
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-26 -
2024-04-24		 a year crt.sh
gatekeeperconsent.com
GTS CA 1P5		 2023-05-06 -
2023-08-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
ezodn.com
E1		 2023-05-04 -
2023-08-02		 3 months crt.sh
*.w.org
Sectigo ECC Domain Validation Secure Server CA		 2022-12-06 -
2024-01-06		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.fredplayspoker.com/
Frame ID: B1B9AA936097308148F33FFE8CF14B82
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/zrt_lookup.html
Frame ID: 83CFA23F8E918AD49171805271FF25C9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Fred Plays Poker – poker!Fred Plays Poker Plush

Page URL History Show full URLs

  1. http://fredplayspoker.com/ HTTP 301
    https://www.fredplayspoker.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

24
Requests

100 %
HTTPS

90 %
IPv6

8
Domains

13
Subdomains

9
IPs

2
Countries

562 kB
Transfer

1916 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fredplayspoker.com/ HTTP 301
    https://www.fredplayspoker.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.fredplayspoker.com/
Redirect Chain
  • http://fredplayspoker.com/
  • https://www.fredplayspoker.com/
82 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fredplayspoker.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a4c8c0f4098fc9bffb6aea415d5d8f0a44c5654ab39b58b22a0f2ef70616aa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
7c3540ddcd1648cd-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 07 May 2023 00:12:48 GMT
display
orig_site_sol
expires
Sat, 06 May 2023 00:12:48 GMT
link
<https://www.fredplayspoker.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pagespeed
off
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9sayeACGx%2B7qsC1HpVLEN2XM5VoO4G2%2Fnqljpo94FzNgkO6jCpwH4VnKxzJ879jfxSxiGzIC98U9gS95QVO4YzCqueIlMS82uUcA4yQH7ZSi3JMn%2FF%2BFaCjHTP9rplkhhGgS86aLJiVXJuArbjzxh3601Zl"}],"group":"cf-nel","max_age":604800}
response
200
server
cloudflare
vary
Accept-Encoding,User-Agent
x-ezoic-cdn
Miss
x-middleton-display
orig_site_sol
x-middleton-response
200
x-origin-cache-control
max-age=600
x-sol
orig

Redirect headers

Cache-Control
public, max-age=2592000
Content-Length
239
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 07 May 2023 00:12:47 UTC
Display
staticcontent_sol, orig_site_sol
Location
https://www.fredplayspoker.com/
Pagespeed
off
Response
301
Server
Apache
Vary
Accept-Encoding,User-Agent,Origin
X-Ezoic-Cdn
Hit ds;ds;92da4440d6833dd0486c8621de0ad876;2-459903-0;4845b1e1-3378-4f4f-55fd-f645c2c32dac
X-Middleton-Display
staticcontent_sol, orig_site_sol
X-Middleton-Response
301
X-Origin-Cache-Control
X-Sol
orig
tcf2_stub.js
privacy.gatekeeperconsent.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privacy.gatekeeperconsent.com/tcf2_stub.js
Requested by
Host: www.fredplayspoker.com
URL: https://www.fredplayspoker.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:903e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86e721bb96c71af08a282151a6246606d325447fc603947cffb628265d7509be

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredplayspoker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 00:12:48 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8MHo9uWuZQfY6TH3P4vz%2FfwLN8%2F1Eufz%2FAyq1jVx5AVm5JLps4P%2FaU5Cphe0tbUKth46EQ3UJ%2Bd5llUAqoTiH2RlxHfTHmgmakohPpLObxPpNY0O5RMRY0fMu6iyp5Jw13DVnZ1yyrQZNDat5YRhSeddZPjsLM4SJD0Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=15780000, public
cf-ray
7c3540e23ea348bb-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
uaf.css
www.fredplayspoker.com/wp-content/uploads/useanyfont/ 		0
461 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fredplayspoker.com/wp-content/uploads/useanyfont/uaf.css?ver=1681799629
Requested by
Host: www.fredplayspoker.com
URL: https://www.fredplayspoker.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredplayspoker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 00:12:48 GMT
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
7246
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
response
200
last-modified
Wed, 03 May 2023 17:04:23 GMT
server
cloudflare
etag
"0-5f9967d7b7c9a"
x-origin-cache-control
max-age=2592000
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZS9EOCNNzhv3ccKMXiDj6AH1qZLnODK7YPtJWpc3X4BJMdGncgZMAoeDwSh08B3HXgdcnEOjKMRvdMqLsuVHHUlZhvLVOP8itNuGiI0S62XI2yoSqs4%2BGJXB0x2FmBfP7B%2FSSOqOvME93NzXneZ55IzvMy1g"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c3540e1b84f48cd-LHR
expires
Mon, 05 Jun 2023 22:12:01 GMT
js
www.googletagmanager.com/gtag/ 		115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-264170839-1
Requested by
Host: www.fredplayspoker.com
URL: https://www.fredplayspoker.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
85945b05be0edfbd9b44359af626d7b6642f3e9aee73343be5de35c7c1eeafbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredplayspoker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 00:12:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45832
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 May 2023 00:12:48 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2739470360534818&host=ca-host-pub-2644536267352236
Requested by
Host: www.fredplayspoker.com
URL: https://www.fredplayspoker.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9570196bef8ced2e68cf49614a9478ae72e6b2df11419adbe337fd00a9a68f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fredplayspoker.com/
Origin
https://www.fredplayspoker.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 00:12:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47234
x-xss-protection
0
server
cafe
etag
3343148033411100487
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 07 May 2023 00:12:48 GMT
consentsettings.js
ezodn.com/detroitchicago/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ezodn.com/detroitchicago/consentsettings.js?cb=2
Requested by
Host: www.fredplayspoker.com
URL: https://www.fredplayspoker.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredplayspoker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 00:12:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 31 Jan 2023 21:15:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5816578
etag
W/"5be-5f395d3676a80;5f395d3676a80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKyStk%2F6a00t4%2B0NWUS3GA88MkpFPIDzbbrcLiA6xgAKAf9i5ZA1zICYOApJSu8YjRi0YHSmpu6DQ%2BUkQhLmtQoa%2Fru4XqxHqk70gOOJ8yR%2FKdizbv2Ox%2BfO3LgVcaY5Kt0hNQVbIgg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7c3540e239667521-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cmp.js
the.gatekeeperconsent.com/v2/ 		343 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://the.gatekeeperconsent.com/v2/cmp.js?v=109
Requested by
Host: www.fredplayspoker.com
URL: https://www.fredplayspoker.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:903e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
857dfea7dc8ff53e13c6e16b22587cc09a70b10ba3ba87a25c683a9fcdf815bd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredplayspoker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 00:12:48 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 04 May 2023 13:42:37 GMT
server
cloudflare
age
200900
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K948g7Q21xAK2WjbonhfMzuJTAxG6rPmJHBg1I6MNVuZzlNhfi8JoQuReBZqebPzoMKBGpMFe7vGtep5uOPwJN%2BqIythuBoDjdfWo%2F01fQM98PlPaAliHgVM2aNKzK7U0LRLiCYQWREf6fiq79KPnngeZVs%2FgzRq"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=15780000
cf-ray
7c3540e2df3748bb-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Screenshot-2023-04-18-at-00-20-07-www.fredplayspoker.com_-1.png
www.fredplayspoker.com/wp-content/uploads/2023/04/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fredplayspoker.com/wp-content/uploads/2023/04/Screenshot-2023-04-18-at-00-20-07-www.fredplayspoker.com_-1.png
Requested by
Host: www.fredplayspoker.com
URL: https://www.fredplayspoker.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d507e033fcdbe4b810729b8c4ab05cfcf50ad043d4ed7106ac79ae5b416694a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredplayspoker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 00:12:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
8218
x-ezoic-cdn
Hit ds;mm;21ad16aa2f0a7de86b048dd50abb4be0;2-459903-0;d6056a1f-2c2c-45e4-632e-19006cfd496c
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Wed, 03 May 2023 17:04:23 GMT
server
cloudflare
etag
W/"7299-5f99724617648-gzip"
x-origin-cache-control
max-age=2592000
vary
Accept-Encoding,User-Agent,X-Ezoic-Excludewebp,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51x4hb%2BvES1odhESm13n45POkLwwBdbhNfZRG0v7QwZ9NqW64j0FWV0RcwP5EyCsCMNDDbmuI2PomL55PK1CJoRzSpLo%2BL6HpB0%2BH8QF3w5K6ni%2Bbk3QSWN1EUliilO3e%2FIf%2FvmnXZsbDFA8yfxOAwcLzZla"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=15552000
cf-ray
7c3540e2bb8976d2-LHR
Screenshot-2023-04-19-at-01-49-00-Call-to-Action-Button-Generator-Design-buttons-download-as-CSS-PNG-1.png
www.fredplayspoker.com/wp-content/uploads/2023/04/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fredplayspoker.com/wp-content/uploads/2023/04/Screenshot-2023-04-19-at-01-49-00-Call-to-Action-Button-Generator-Design-buttons-download-as-CSS-PNG-1.png
Requested by
Host: www.fredplayspoker.com
URL: https://www.fredplayspoker.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79728fa38f07cc3d1b765b53c8fe06d41b490c5ce207c37bfd1095cd9ba0eb6a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredplayspoker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 00:12:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
8218
x-ezoic-cdn
Hit ds;mm;513881f3974025f1ceaaba52682de1ac;2-459903-0;5276cabe-277a-4124-7ca1-967adc384afd
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Wed, 03 May 2023 17:04:23 GMT
server
cloudflare
etag
W/"bb7d-5f9ac8c17a914-gzip"
x-origin-cache-control
max-age=2592000
vary
Accept-Encoding,User-Agent,X-Ezoic-Excludewebp,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8OIZfMJd8kIHWkaSTMpE8X%2FBwfw6Ny1n6C%2FKgAwFbcc5jkrf47j%2B2sVf68xHVmR6X%2Fcn6QqwiHWAaTWDxObGM6DntkKJhaNRQv1wGZh%2F7Di8FWZa1UWduitIHsAYiVAc%2FCz5d%2BtsyP8isY4Dh2Nj4J7P2tk"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=15552000
cf-ray
7c3540e2bb8a76d2-LHR
Screenshot-2023-04-18-001311-1-1024x491.jpg
www.fredplayspoker.com/wp-content/uploads/2023/04/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fredplayspoker.com/wp-content/uploads/2023/04/Screenshot-2023-04-18-001311-1-1024x491.jpg
Requested by
Host: www.fredplayspoker.com
URL: https://www.fredplayspoker.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dceceb71aa8c9cd05835687dc3aa4d60dfee0835e29d7200b65a689f80ad426

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredplayspoker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 00:12:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
8218
x-ezoic-cdn
Hit ds;mm;1eb7727a5e9fc885a307e1460ca3f152;2-459903-0;97f297f6-9704-4126-5297-f4c5a6d98f78
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Wed, 03 May 2023 17:04:23 GMT
server
cloudflare
etag
W/"824e-5f9970baad808-gzip"
x-origin-cache-control
max-age=2592000
vary
Accept-Encoding,User-Agent,X-Ezoic-Excludewebp,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o06%2FM0rafWGNptWJVEycOcuvJ0LzE1qBwIdTokol21i2e3PDpiq%2FcOoHdd410R%2BqjF3r7bBBy34mOrQymsiSm6GD7ALXFeklle6ZDN%2FJmkjFDKdYnvt7jnsC2gXcvsCcQ6Io1%2B8neZ9DTJDBAArDTvRhqY83"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=15552000
cf-ray
7c3540e2bb8b76d2-LHR
buy-now-button-hi.png
www.fredplayspoker.com/wp-content/uploads/2023/04/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fredplayspoker.com/wp-content/uploads/2023/04/buy-now-button-hi.png
Requested by
Host: www.fredplayspoker.com
URL: https://www.fredplayspoker.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
504c9a271795c5898cad7b5d50e8906b8824239cebb58190e95a0c7f40100fc8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredplayspoker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 00:12:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
8218
x-ezoic-cdn
Hit ds;mm;e12d50da038c0c95b7035915af6a25b9;2-459903-0;5d75e6b6-d972-42c4-7131-57d9900e692f
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Wed, 03 May 2023 17:04:23 GMT
server
cloudflare
etag
W/"49a3-5f996fcfa6e77-gzip"
x-origin-cache-control
max-age=2592000
vary
Accept-Encoding,User-Agent,X-Ezoic-Excludewebp,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsVYtjcRPOs%2FCiGHYtncIvfiW7tgJ9pC9t5ybMZvTbRfDAl0onMBP3xs%2FoauKTZF38bNn9WB7tkznAHVfnbXXWZ%2BaQbc90MgMOTi%2B%2F0LFQL4PVhZTkl0Px1A6fI4edE8tOvkSANQQS8a232q9b24lKhrqdOw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=15552000
cf-ray
7c3540e2bb8c76d2-LHR
v.js
g.ezodn.com/cmp/v2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.ezodn.com/cmp/v2/v.js?v=4
Requested by
Host: www.fredplayspoker.com
URL: https://www.fredplayspoker.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b104db680a9d1df48409a24d2f18c31e2867e67e921c44b00c72b22d9762bb8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredplayspoker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 00:12:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 19:45:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6321185
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqVSddRQpPeXQNCA2XJ6BNJBqPEh2IMivha2cRY0UqmmhDf9LF96C4b4PwK3BK6hmro5M4dRGu16vagQLIcn01bQGOtQtjFQC8INj7jwdx7IfWwmVvdSihfB6jKQDXJKez2%2B3brpcLFsEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=15780000
cf-ray
7c3540e2c9bf7521-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-emoji-release.min.js
www.fredplayspoker.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fredplayspoker.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2
Requested by
Host: www.fredplayspoker.com
URL: https://www.fredplayspoker.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredplayspoker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 00:12:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
8217
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
last-modified
Wed, 03 May 2023 17:04:23 GMT
server
cloudflare
etag
W/"4904-5f3acfe01ab40-gzip-gzip"
x-origin-cache-control
max-age=2592000
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQUjD%2B0JeuZSe%2FHGBcQl93ASbL3bktvt6lYzGkth0x%2FIy4o12EU%2FY5Yngl01q9PqLoVLrfz%2BLkImK4WKGQy6RCMCeCvaqx1pIALtZC5Ie3a2inoQZgJoyjOzKhtsN04JZ7BMtEeklHhjnXAqyTvmWXz173Hs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7c3540e2bb8d76d2-LHR
expires
Mon, 05 Jun 2023 21:55:50 GMT
cmbv2.js
www.fredplayspoker.com/detroitchicago/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fredplayspoker.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4&cmbcb=138&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33
Requested by
Host: www.fredplayspoker.com
URL: https://www.fredplayspoker.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db334d1f0f6e23fa92d2e2902fd3fe42cfe7dcb494b6ac92cbe1f8a7bdebf52

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredplayspoker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 00:12:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 06 May 2023 22:26:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6387
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEjEKwFymgOfy%2FsEmGvOCPnNeLobrqW2If1qL6rFsll5DXwZ5kJAaDZVJFl%2BzBXDu%2BEYWo52TF8Z4HZz%2FGSNlgM2sGbDdgYl2uTdbF66kxFUbjVaezRnA6DOk53j9Oj5Oq7gZwKORX4CkFhBVaYOEbEx1yMT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7c3540e2bb8e76d2-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1f36a.svg
s.w.org/images/core/emoji/14.0.0/svg/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/1f36a.svg
Requested by
Host: www.fredplayspoker.com
URL: https://www.fredplayspoker.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
88724da3173eaf855fc8b8094480d1d923f69c420107501da8d40b503163bcf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredplayspoker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Sun, 07 May 2023 00:12:48 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:47:50 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
GVL.json
gvl.gatekeeperconsent.com/gvlcache/ 		411 KB
56 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gvl.gatekeeperconsent.com/gvlcache/GVL.json?gvlSpecificationVersion=2&language=en&cmpv=2
Requested by
Host: the.gatekeeperconsent.com
URL: https://the.gatekeeperconsent.com/v2/cmp.js?v=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:903e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18589ed16bc31151e69ab6d24465551e6d348610ddb28190c295122f077e83bc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredplayspoker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 00:12:48 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
gvlcache-hit
true
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHQG6jCEh6HYVstWUMYBPQOSJiVVPxgJmUGe84fsQVyd9JxKMdfL0EiUk6W3uTZcIr7oximkUC1fCgORyRCKLZ8JT2wqI4Xf4AEM3FWNl0W0p3W7orpncoN8BpGMBHjizo8w9UI%2BZaJ2IQCMARX5Ax3gArNuKlcN"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800, public
cf-ray
7c3540e3ec6323c5-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
imp.gif
www.fredplayspoker.com/detroitchicago/ 		43 B
664 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.fredplayspoker.com/detroitchicago/imp.gif?e=%7B%22ab_test_id%22%3A%22mod1-c%22%2C%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A0%2C%22city%22%3A%22Manchester%22%2C%22country%22%3A%22GB%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A459903%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A1%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22135560fb-613b-4fac-66cd-d70f0c459c21%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%22M32%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A37384%2C%22response_time_orig%22%3A421%2C%22serverid%22%3A%22i-0530bc2f1b969e4b5%22%2C%22state%22%3A%22MAN%22%2C%22t_epoch%22%3A1683418367%2C%22template_id%22%3A120%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.fredplayspoker.com%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A18%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1
Requested by
Host: www.fredplayspoker.com
URL: https://www.fredplayspoker.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4&cmbcb=138&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredplayspoker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 00:12:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-display
imp_sol
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
HEAD, PUT, POST, GET, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.fredplayspoker.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJyVjFAM2Fy0tMbYRdbAQqJL0uIidQcp%2F5RuQDtzdymvjSQP6E8wthQoRf%2BBlGVK%2B%2BlRvISBZGY5c%2FXUhntMrD7XUpm2hFEzMlkO6%2Fvd1ExE1phO9wL3O3xa1v%2FKjr5m9L5wybSuNQ1tA5fGJm7YoBQ6e0nT"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
cf-ray
7c3540e37c4676d2-LHR
access-control-allow-headers
Content-Type
expires
Sat, 06 May 2023 00:12:48 GMT
cmbdv2.js
www.fredplayspoker.com/detroitchicago/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fredplayspoker.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y1c-5&cmbcb=138&sj=x03x0cx1c
Requested by
Host: www.fredplayspoker.com
URL: https://www.fredplayspoker.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74503a7ee151c99c870c15128721552f6008f96bd2eaaa6eabdf55117bbc226b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredplayspoker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 00:12:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 06 May 2023 22:26:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6387
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYbczIHT8N959z4fTdIgDyjS6fCSRZHCd3JvxBD5AfcG9GVMgGzdTLNKl6%2BPtO%2BWLDmTJF8oQP3jqXUZrKFY7cIqhMJG0l9YIWzw2nWyk%2B4mSs5Ut%2FWHRd4J7ztxDaMdpSbVSsm64pFbGYcbkBXm2hB%2BGUbG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7c3540e37c4876d2-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-264170839-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredplayspoker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 May 2023 00:12:15 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
33
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sun, 07 May 2023 02:12:15 GMT
js
www.googletagmanager.com/gtag/ 		248 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KRVCGH7EDX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-264170839-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ebce960188eaa619e3cdafa149c65703d2c5e0b2521a78c0a479b973fb3f99be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredplayspoker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 00:12:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85881
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 May 2023 00:12:48 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/ 		355 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2739470360534818&plah=www.fredplayspoker.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2739470360534818&host=ca-host-pub-2644536267352236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f27f07254721ba8134a31d692652e834b7e4eee0e1aae6543b1c1ecbde05239b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredplayspoker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 00:12:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122166
x-xss-protection
0
server
cafe
etag
6965267986003286001
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 07 May 2023 00:12:48 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/ Frame 83CF 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2739470360534818&host=ca-host-pub-2644536267352236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fredplayspoker.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
26295
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 May 2023 16:54:33 GMT
etag
15057649708203361565
expires
Sat, 20 May 2023 16:54:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KRVCGH7EDX&gtm=45je3530&_p=1637706667&gdid=dZTNiMT&cid=117005307.1683418369&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1683418368&sct=1&seg=0&dl=https%3A%2F%2Fwww.fredplayspoker.com%2F&dt=Fred%20Plays%20Poker%20%E2%80%93%20poker!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KRVCGH7EDX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredplayspoker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 00:12:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fredplayspoker.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&aip=1&a=1637706667&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fredplayspoker.com%2F&ul=en-us&de=UTF-8&dt=Fred%20Plays%20Poker%20%E2%80%93%20poker!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=2045650466&gjid=641848749&cid=117005307.1683418369&tid=UA-264170839-1&_gid=228270196.1683418369&_r=1&gtm=457e3530&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1539640056
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fredplayspoker.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 May 2023 00:12:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fredplayspoker.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless function| __tcfapi object| __ez object| _wpemojiSettings function| gtag object| dataLayer string| ezouid string| ezoTemplate string| ezoFormfactor object| ezo_elements_to_check string| soc_app_id number| did string| ezdomain number| ezoicSearchable object| _ezaq string| _ezExtraQueries function| create_ezolpl function| attach_ezolpl function| ezCmpLoading number| ezUserChoice function| handleAcceptAllClick function| handleShowDetailsClick function| handleDeclineClick function| handleShowVendorsClick object| __ezCmpConfig object| adsbygoogle boolean| cmpIsOn object| ezConsentCategories object| __ezconsent function| ezConsentSettings string| ezPreRenderCMP string| ezPreRenderCss function| hideEzCmp function| setEzCmpCookie function| handleEzAdBlock function| checkEzAdBlck function| __ez_vig_close_wrapper boolean| ezCanEngagePage object| cmpCookies function| newEzVignette object| twemoji object| wp function| setImmediate function| clearImmediate object| nunjucksPrecompiled object| ezCMP function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString object| ezux object| metricNameMap function| ezlogVital function| __ezDotData object| _ezfd object| riveted number| ez_tos_track_count number| ez_last_activity_count function| EzoIvent function| _findOverlappingQuietPeriods function| _findNetworkQuietPeriods function| ezoFetchConst function| ezorqs function| ezorqe function| ezocfol function| ezogetrqbykey object| webVitals object| ezmt object| ezua object| ezuxgoals object| ezdent object| ezDenty object| ct object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData number| indexKey function| google_sa_impl object| perf_vals

13 Cookies

Domain/Path Name / Value
.fredplayspoker.com/ Name: ezCMPCCS
Value: false
.fredplayspoker.com/ Name: ezoadgid_459903
Value: -1
.fredplayspoker.com/ Name: ezoref_459903
Value:
.fredplayspoker.com/ Name: ezosuibasgeneris-1
Value: 6f4d27a7-0b6c-4e0a-6fd7-a4054105d27a
.fredplayspoker.com/ Name: ezoab_459903
Value: mod1-c
.fredplayspoker.com/ Name: lp_459903
Value: https://www.fredplayspoker.com/
.fredplayspoker.com/ Name: ezovuuidtime_459903
Value: 1683418368
.fredplayspoker.com/ Name: ezovuuid_459903
Value: c77a3dae-b3e6-4efc-5f5a-98892b9ff75a
.fredplayspoker.com/ Name: ezopvc_459903
Value: 1
.fredplayspoker.com/ Name: _ga_KRVCGH7EDX
Value: GS1.1.1683418368.1.0.1683418368.0.0.0
.fredplayspoker.com/ Name: _ga
Value: GA1.2.117005307.1683418369
.fredplayspoker.com/ Name: _gid
Value: GA1.2.228270196.1683418369
.fredplayspoker.com/ Name: _gat_gtag_UA_264170839_1
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ezodn.com
fredplayspoker.com
g.ezodn.com
googleads.g.doubleclick.net
gvl.gatekeeperconsent.com
pagead2.googlesyndication.com
privacy.gatekeeperconsent.com
region1.google-analytics.com
s.w.org
the.gatekeeperconsent.com
www.fredplayspoker.com
www.google-analytics.com
www.googletagmanager.com
192.0.77.48
2001:4860:4802:32::178
2001:4860:4802:34::36
2600:1f13:393:63f:e2fe:15a2:b5f1:fde0
2606:4700:3031::ac43:a556
2606:4700:3033::ac43:903e
2606:4700:e2::ac40:8817
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
18589ed16bc31151e69ab6d24465551e6d348610ddb28190c295122f077e83bc
2b104db680a9d1df48409a24d2f18c31e2867e67e921c44b00c72b22d9762bb8
383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c
3db334d1f0f6e23fa92d2e2902fd3fe42cfe7dcb494b6ac92cbe1f8a7bdebf52
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
504c9a271795c5898cad7b5d50e8906b8824239cebb58190e95a0c7f40100fc8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dceceb71aa8c9cd05835687dc3aa4d60dfee0835e29d7200b65a689f80ad426
74503a7ee151c99c870c15128721552f6008f96bd2eaaa6eabdf55117bbc226b
79728fa38f07cc3d1b765b53c8fe06d41b490c5ce207c37bfd1095cd9ba0eb6a
857dfea7dc8ff53e13c6e16b22587cc09a70b10ba3ba87a25c683a9fcdf815bd
85945b05be0edfbd9b44359af626d7b6642f3e9aee73343be5de35c7c1eeafbf
86e721bb96c71af08a282151a6246606d325447fc603947cffb628265d7509be
88724da3173eaf855fc8b8094480d1d923f69c420107501da8d40b503163bcf2
89a4c8c0f4098fc9bffb6aea415d5d8f0a44c5654ab39b58b22a0f2ef70616aa
9570196bef8ced2e68cf49614a9478ae72e6b2df11419adbe337fd00a9a68f15
d507e033fcdbe4b810729b8c4ab05cfcf50ad043d4ed7106ac79ae5b416694a1
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ebce960188eaa619e3cdafa149c65703d2c5e0b2521a78c0a479b973fb3f99be
f27f07254721ba8134a31d692652e834b7e4eee0e1aae6543b1c1ecbde05239b