www.pwnthis.net Open in urlscan Pro
2a00:1450:4001:819::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.pwnthis.net/search/label/Slotomania
Submission: On April 07 via manual (April 7th 2019, 9:40:00 am UTC) from IL

Summary HTTP 84 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 34 IPs in 5 countries across 27 domains to perform 84 HTTP transactions. The main IP is 2a00:1450:4001:819::2013, located in Ireland and belongs to GOOGLE - Google LLC, US. The main domain is www.pwnthis.net.

This is the only time www.pwnthis.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:819::2013	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a00:1450:400... 2a00:1450:4001:825::2009	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	209.99.16.15 209.99.16.15	394695 (PUBLIC-DO...) (PUBLIC-DOMAIN-REGISTRY - PDR)
1 6	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
6	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	188.42.162.229 188.42.162.229	35415 (WEBZILLA) (WEBZILLA)
1	188.42.162.135 188.42.162.135	35415 (WEBZILLA) (WEBZILLA)
4	67.192.42.10 67.192.42.10	33070 (RMH-14) (RMH-14 - Rackspace Hosting)
2	74.214.194.132 74.214.194.132	59940 (PULSEPOIN...) (PULSEPOINT-EU)
2	74.214.194.131 74.214.194.131	59940 (PULSEPOIN...) (PULSEPOINT-EU)
3	2a00:1450:400... 2a00:1450:400c:c0a::52	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:401... 2a00:1450:4016:80b::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE - Google LLC)
2	151.101.0.166 151.101.0.166	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	45.77.54.226 45.77.54.226	20473 (AS-CHOOPA) (AS-CHOOPA - Choopa)
1	52.200.63.47 52.200.63.47	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 2	34.247.143.160 34.247.143.160	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
5	45.76.91.25 45.76.91.25	20473 (AS-CHOOPA) (AS-CHOOPA - Choopa)
1	52.0.206.42 52.0.206.42	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 2	52.214.222.48 52.214.222.48	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81f::200d	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER - Twitter Inc.)
6	52.8.223.239 52.8.223.239	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
84	34

2 2a00:1450:4001:819::2013 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.pwnthis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:825::2009 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.99.16.15 (Austin, United States)

ASN394695 (PUBLIC-DOMAIN-REGISTRY - PDR, US)
PTR: cp-41.webhostbox.net

www.kliptu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:816::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.162.229 (Luxembourg) 1 redirects

ASN35415 (WEBZILLA, NL)

go.padstm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.162.135 (Luxembourg)

ASN35415 (WEBZILLA, NL)

go.padsdel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.192.42.10 (San Antonio, United States)

ASN33070 (RMH-14 - Rackspace Hosting, US)

go.adversal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.214.194.132 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams-ads.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.214.194.131 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams-ads.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0a::52 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

bplugins.googlecode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4016:80b::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.21.226 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.166 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag-st.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.77.54.226 (Matawan, United States)

ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 45.77.54.226.vultr.com

pp-m.ns1p.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.ns1p.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.200.63.47 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-200-63-47.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.143.160 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-247-143-160.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

plus.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.76.91.25 (Frankfurt Am Main, Germany)

ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 45.76.91.25.vultr.com

pp-m.ns1p.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.ns1p.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.ns1p.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.206.42 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-0-206-42.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.222.48 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-214-222-48.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200d (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.8.223.239 (San Jose, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-8-223-239.us-west-1.compute.amazonaws.com

pstatic03_sfo03.nsone.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	google.com 1 redirects apis.google.com adservice.google.com plus.google.com accounts.google.com	126 KB
8	ns1p.net pp-m.ns1p.net c.ns1p.net s.ns1p.net b.ns1p.net	7 KB
8	blogspot.com 2.bp.blogspot.com 1.bp.blogspot.com 3.bp.blogspot.com 4.bp.blogspot.com	48 KB
6	nsone.co pstatic03_sfo03.nsone.co	2 KB
6	contextweb.com tag.contextweb.com bh.contextweb.com tag-st.contextweb.com ams-ads.contextweb.com	19 KB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	881 B
5	googlesyndication.com pagead2.googlesyndication.com	184 KB
5	twitter.com platform.twitter.com syndication.twitter.com	31 KB
5	blogger.com www.blogger.com	61 KB
4	demdex.net 2 redirects dpm.demdex.net	3 KB
4	facebook.com 1 redirects staticxx.facebook.com www.facebook.com	924 B
4	adversal.com go.adversal.com	80 KB
3	googlecode.com bplugins.googlecode.com
2	rlcdn.com idsync.rlcdn.com	123 B
2	facebook.net connect.facebook.net	57 KB
2	google-analytics.com www.google-analytics.com	17 KB
2	pwnthis.net www.pwnthis.net	22 KB
1	googletagservices.com www.googletagservices.com	29 KB
1	google.de adservice.google.de	172 B
1	blogblog.com resources.blogblog.com	614 B
1	padsdel.com go.padsdel.com	262 B
1	padstm.com 1 redirects go.padstm.com	295 B
1	kliptu.com www.kliptu.com
1	googleapis.com ajax.googleapis.com	33 KB
0	fidelity-media.com Failed ads.fidelity-media.com Failed
0	youtube.com Failed www.youtube.com Failed
0	qadservice.com Failed ads.qadservice.com Failed
84	27

	Domain	Requested by
6	pstatic03_sfo03.nsone.co	www.pwnthis.net
6	apis.google.com	1 redirects www.pwnthis.net apis.google.com
5	pagead2.googlesyndication.com	www.pwnthis.net pagead2.googlesyndication.com
5	www.blogger.com	www.pwnthis.net apis.google.com
4	dpm.demdex.net	2 redirects www.pwnthis.net
4	go.adversal.com	www.pwnthis.net go.adversal.com
4	platform.twitter.com	www.pwnthis.net platform.twitter.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	bplugins.googlecode.com	www.pwnthis.net
3	3.bp.blogspot.com	www.pwnthis.net
2	b.ns1p.net	c.ns1p.net
2	s.ns1p.net	c.ns1p.net
2	c.ns1p.net	www.pwnthis.net
2	www.facebook.com	1 redirects connect.facebook.net
2	idsync.rlcdn.com	ams-ads.contextweb.com
2	pp-m.ns1p.net	ams-ads.contextweb.com
2	ams-ads.contextweb.com	tag-st.contextweb.com
2	staticxx.facebook.com	connect.facebook.net
2	cm.g.doubleclick.net	2 redirects
2	4.bp.blogspot.com	www.pwnthis.net
2	connect.facebook.net	www.pwnthis.net connect.facebook.net
2	www.google-analytics.com	www.pwnthis.net
2	tag.contextweb.com	www.pwnthis.net
2	1.bp.blogspot.com	www.pwnthis.net
2	www.pwnthis.net	www.pwnthis.net
1	syndication.twitter.com	www.pwnthis.net
1	accounts.google.com	apis.google.com
1	plus.google.com	apis.google.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	tag-st.contextweb.com	tag.contextweb.com
1	bh.contextweb.com	www.pwnthis.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	resources.blogblog.com	www.pwnthis.net
1	go.padsdel.com	www.pwnthis.net
1	go.padstm.com	1 redirects
1	2.bp.blogspot.com	www.pwnthis.net
1	www.kliptu.com	www.pwnthis.net
1	ajax.googleapis.com	www.pwnthis.net
0	ads.fidelity-media.com Failed	ams-ads.contextweb.com
0	www.youtube.com Failed	www.pwnthis.net
0	ads.qadservice.com Failed	www.pwnthis.net
84	42

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
twitter.com
www.facebook.com
feeds.feedburner.com
feedburner.google.com
www.google.com

Subject Issuer	Validity	Valid
*.blogger.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.apis.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-03-08` - `2019-06-06`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.ns1p.net DigiCert SHA2 Secure Server CA	`2018-05-07` - `2020-07-29`	2 years	crt.sh
*.rlcdn.com Go Daddy Secure Certificate Authority - G2	`2017-05-08` - `2019-06-21`	2 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
accounts.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-01-24` - `2020-01-24`	a year	crt.sh

This page contains 16 frames:

Primary Page: http://www.pwnthis.net/search/label/Slotomania
Frame ID: BDFBA2CB6EBBD73D34382ABF38D5697A
Requests: 49 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/show_ads_impl.js
Frame ID: 01A296463AB9C4B1540980959BD20F3C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190403/r20190131/zrt_lookup.html
Frame ID: 87B667C11A6EAB1A402E85DC9C2F865C
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=3867102894804831668&blogName=PWNTHIS&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLACK&layoutType=LAYOUTS&searchRoot=http://www.pwnthis.net/search&blogLocale=en&v=2&homepageUrl=http://www.pwnthis.net/&vt=-8158558199473928814&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.8RodOolT8JU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOIo0_JuSGflMsDv4KwJaDwWj-arA%2Fm%3D__features__
Frame ID: 50E70F6361B1C6FAFCF1C4B6BBAAA461
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/xo2zeK1NQXo
Frame ID: 80E7201416F91D71C615DF3473F6FBD0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3090693951005014&output=html&h=250&slotname=6001321194&adk=140015663&adf=83885205&w=300&lmt=1528958665&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&flash=0&avail_w=0&wgl=1&adsid=NT&dt=1554629983783&bpp=15&bdt=732&fdt=113&idt=112&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&correlator=1668140226282&frm=20&pv=2&ga_vid=2141740646.1554629984&ga_sid=1554629984&ga_hid=1456074866&ga_fc=1&iag=0&icsg=137439644160&dssz=33&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=324&ady=206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&uci=1.o78ulra91ha9&fsb=1&xpc=yYi9uaXTy4&p=http%3A//www.pwnthis.net&dtd=129
Frame ID: 5DD85F472E5B07F775190EBA32690F9F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3090693951005014&output=html&h=250&slotname=6001321194&adk=140015663&adf=1207257747&w=300&lmt=1528958665&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&flash=0&avail_w=0&wgl=1&adsid=NT&dt=1554629983798&bpp=10&bdt=747&fdt=131&idt=97&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1668140226282&frm=20&pv=1&ga_vid=2141740646.1554629984&ga_sid=1554629984&ga_hid=1456074866&ga_fc=1&iag=0&icsg=8933532666368&dssz=34&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=626&ady=206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=2&uci=2.2qi8pmjn57ag&fsb=1&xpc=Ehfr67YoSJ&p=http%3A//www.pwnthis.net&dtd=136
Frame ID: 2F4858023DE201C0C961530DD10E3D9D
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: 40C3285D98228E1C22B01E3FA296DEE7
Requests: 1 HTTP requests in this frame

Frame: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=547496&ct=128071&cwod=&epid=&esid=&ccid=&wp=0&cf=300X250&asv=30&eid=&rq=1&dw=1600&cwu=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&cwr=&mrnd=60555304&if=0&tl=1&pxy=959,305&cxy=1600,1200&dxy=1600,177&tz=0&ln=en-US&acid=pp_ad_container_0
Frame ID: 7C132B3C6492CFFE9B508050FCC05D34
Requests: 11 HTTP requests in this frame

Frame: http://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=547496&ct=128609&cwod=&epid=&esid=&ccid=&wp=0&cf=160X600&asv=30&eid=&rq=1&dw=1600&cwu=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&cwr=&mrnd=18005353&if=0&tl=2&pxy=1117,562&cxy=1600,1200&dxy=1600,177&tz=0&ln=en-US&acid=pp_ad_container_1
Frame ID: 98C93529A2F9D820901A5933CE185159
Requests: 11 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=http%3A%2F%2Fwww.pwnthis.net&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 7B6E1AF18BCFCA9D6B9DB0F7090FFD55
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: F69D135BD7B7BDD352C62239F707C39B
Requests: 1 HTTP requests in this frame

Frame: https://plus.google.com/se/0/_/+1/fastbutton?usegapi=1&size=tall&hl=en-US&origin=http://www.pwnthis.net&url=http://www.pwnthis.net/&gsrc=3p&ic=1&jsh=m;/_/scs/apps-static/_/js/k%3Doz.gapi.en_US.8RodOolT8JU.O/am%3DwQ/rt%3Dj/d%3D1/rs%3DAGLTcCOIo0_JuSGflMsDv4KwJaDwWj-arA/m%3D__features__
Frame ID: B5C3782372E9096C8AA14C2BFD240B5E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=207630375915744&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Dfd69d5aeaa1278%26domain%3Dwww.pwnthis.net%26origin%3Dhttp%253A%252F%252Fwww.pwnthis.net%252Ff2b22a2f3a47%26relation%3Dparent.parent&container_width=0&font=verdana&href=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&layout=box_count&locale=en_US&sdk=joey&send=false&show_faces=false
Frame ID: A8C040428F8D09D3F3B73000EE7F2382
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.pwnthis.net&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.8RodOolT8JU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOIo0_JuSGflMsDv4KwJaDwWj-arA%2Fm%3D__features__
Frame ID: 1FCF41EB7F8C58F1D2FE4608696BF4F0
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2e9f365dae390394eb8d923cba8c5b11.en.html
Frame ID: 492E057F21DBC3F17D83397A4BEF4534
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

84
Requests

45 %
HTTPS

54 %
IPv6

27
Domains

42
Subdomains

34
IPs

5
Countries

718 kB
Transfer

1795 kB
Size

8
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://www.blogger.com/home
Title: Blogger

Search URL Search Domain Scan URL

URL: http://www.blogger.com/rearrange?blogID=3867102894804831668&widgetType=HTML&widgetId=HTML2&action=editWidget&sectionId=main
Title:

Search URL Search Domain Scan URL

URL: http://www.blogger.com/rearrange?blogID=3867102894804831668&widgetType=HTML&widgetId=HTML9&action=editWidget&sectionId=main
Title:

Search URL Search Domain Scan URL

URL: http://twitter.com/impwnthis
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.facebook.com/pwnthis
Title: Facebook

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/infinitehax
Title: RSS

Search URL Search Domain Scan URL

URL: http://feedburner.google.com/fb/a/mailverify?uri=infinitehax&loc=en_US
Title: Email

Search URL Search Domain Scan URL

URL: http://www.blogger.com/rearrange?blogID=3867102894804831668&widgetType=HTML&widgetId=HTML6&action=editWidget&sectionId=sidebartop
Title:

Search URL Search Domain Scan URL

URL: http://www.blogger.com/rearrange?blogID=3867102894804831668&widgetType=Label&widgetId=Label1&action=editWidget&sectionId=sidebartop
Title:

Search URL Search Domain Scan URL

URL: http://www.blogger.com/rearrange?blogID=3867102894804831668&widgetType=HTML&widgetId=HTML1&action=editWidget&sectionId=sidebartop
Title:

Search URL Search Domain Scan URL

URL: http://www.google.com/chrome
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://apis.google.com/js/plusone.js HTTP 307
https://apis.google.com/js/plusone.js

Request Chain 9

http://go.padstm.com/?id=483196 HTTP 302
http://go.padsdel.com/?id=483196

Request Chain 21

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 25

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 32

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2142322085&utmhn=www.pwnthis.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=PWNTHIS%3A%20Slotomania%20%7C%20Cheats%2C%20Hacks%20and%20Tips%20for%20Facebook%20Games&utmhid=1456074866&utmr=-&utmp=%2Fsearch%2Flabel%2FSlotomania&utmht=1554629983830&utmac=UA-22390598-1&utmcc=__utma%3D250174215.2141740646.1554629984.1554629984.1554629984.1%3B%2B__utmz%3D250174215.1554629984.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2054646716&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2142322085&utmhn=www.pwnthis.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=PWNTHIS%3A%20Slotomania%20%7C%20Cheats%2C%20Hacks%20and%20Tips%20for%20Facebook%20Games&utmhid=1456074866&utmr=-&utmp=%2Fsearch%2Flabel%2FSlotomania&utmht=1554629983830&utmac=UA-22390598-1&utmcc=__utma%3D250174215.2141740646.1554629984.1554629984.1554629984.1%3B%2B__utmz%3D250174215.1554629984.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2054646716&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 35

http://www.youtube.com/embed/xo2zeK1NQXo HTTP 307
https://www.youtube.com/embed/xo2zeK1NQXo

Request Chain 43

https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_tc= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEJudXvCBguRk5OvLQakeO6M&google_cver=1

Request Chain 56

https://dpm.demdex.net/ibs:dpid=96678&dpuuid=KWuaG62g1ouj HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=KWuaG62g1ouj

Request Chain 59

https://www.facebook.com/connect/ping?client_id=207630375915744&domain=www.pwnthis.net&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df210ec8c5ac48d4%26domain%3Dwww.pwnthis.net%26origin%3Dhttp%253A%252F%252Fwww.pwnthis.net%252Ff2b22a2f3a47%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey HTTP 302
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44

Request Chain 61

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=tall&hl=en-US&origin=http%3A%2F%2Fwww.pwnthis.net&url=http%3A%2F%2Fwww.pwnthis.net%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.8RodOolT8JU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOIo0_JuSGflMsDv4KwJaDwWj-arA%2Fm%3D__features__ HTTP 302
https://plus.google.com/se/0/_/+1/fastbutton?usegapi=1&size=tall&hl=en-US&origin=http://www.pwnthis.net&url=http://www.pwnthis.net/&gsrc=3p&ic=1&jsh=m;/_/scs/apps-static/_/js/k%3Doz.gapi.en_US.8RodOolT8JU.O/am%3DwQ/rt%3Dj/d%3D1/rs%3DAGLTcCOIo0_JuSGflMsDv4KwJaDwWj-arA/m%3D__features__

Request Chain 65

http://dpm.demdex.net/ibs:dpid=96678&dpuuid=VBtB493PCSLv HTTP 302
http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=VBtB493PCSLv

84 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Slotomania Show response
www.pwnthis.net/search/label/ 96 KB
20 KB 342ms
336ms Document
text/html 2a00:1450:4001:819::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Server

2a00:1450:4001:819::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

4c3bd13053703f0d96a542f033a16166f4f640303bc334c7c6ac9ff75b333721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.pwnthis.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: text/html; charset=UTF-8
Expires: Sun, 07 Apr 2019 09:39:42 GMT
Date: Sun, 07 Apr 2019 09:39:42 GMT
Cache-Control: private, max-age=0
Last-Modified: Thu, 14 Jun 2018 06:44:25 GMT
ETag: W/"18117eaa889e68459898b08eaf13f5ddc183e1494e928d4fc25d0c09c540a2f3"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 19952
Server: GSE

GET
H2 200 2549344219-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 31 KB
7 KB 52ms
5ms Stylesheet
text/css 2a00:1450:4001:825::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2549344219-widget_css_bundle.css

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d539a910089008f073b426d44a496f1952ba01b9ff018425c18d21bea42aa128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 03 Apr 2019 23:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Apr 2019 19:43:05 GMT
server: sffe
age: 295555
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 6822
x-xss-protection: 0
expires: Thu, 02 Apr 2020 23:33:48 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Mar 2019 22:26:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 2545974
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 32954
X-XSS-Protection: 1; mode=block
Expires: Sat, 07 Mar 2020 22:26:49 GMT

GET
H/1.1 404
Not Found kliptu-ad.js
www.kliptu.com/demo/buysellads/assets/js/ 0
0 652ms
210ms Script
text/html 209.99.16.15
PDR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kliptu.com/demo/buysellads/assets/js/kliptu-ad.js
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Server: 209.99.16.15 Austin, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY - PDR, US),
Reverse DNS: cp-41.webhostbox.net
Software: /
Resource Hash

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2

200

plusone.js Show response
apis.google.com/js/
Redirect Chain

http://apis.google.com/js/plusone.js
https://apis.google.com/js/plusone.js

44 KB
17 KB

33ms
32ms

Script
application/javascript

2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e5725dfd2a86729d12fc0265d9ad7df743fe9b0aa75f7e80dc9d995de052c8ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 07 Apr 2019 09:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-jYJSk2LnRGKOwENnaPZSQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "6080555e6e1514f828c1bec329e2b78d"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Sun, 07 Apr 2019 09:39:43 GMT

Redirect headers

Location: https://apis.google.com/js/plusone.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 93 KB
28 KB 42ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40D7) /
Resource Hash: 460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 09:39:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:40:21 GMT
Server: ECS (fcn/40D7)
Etag: "4cf9f34505e9344b9a7e4d00e67b6c88+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28028

GET
H2 200 plusone.js Show response
apis.google.com/js/ 44 KB
17 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e5725dfd2a86729d12fc0265d9ad7df743fe9b0aa75f7e80dc9d995de052c8ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 07 Apr 2019 09:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-G/ryQhER1EWm60VgClgnBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "6080555e6e1514f828c1bec329e2b78d"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Sun, 07 Apr 2019 09:39:43 GMT

GET
H/1.1 200
OK pwnthis.png
2.bp.blogspot.com/-iz0gWS48FzA/UCYPDAy1wQI/AAAAAAAABHY/9Ony-tdyouE/s1600/ 16 KB
16 KB 28ms
6ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-iz0gWS48FzA/UCYPDAy1wQI/AAAAAAAABHY/9Ony-tdyouE/s1600/pwnthis.png

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

9c8604e0fb6db5384ded555402216456ff70e17e242c8b54035c157c44eba3f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 09:38:03 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 100
ETag: "v476"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pwnthis.png"
Timing-Allow-Origin: *
Content-Length: 16015
X-XSS-Protection: 0
Expires: Wed, 03 Apr 2019 12:35:16 GMT

GET
H/1.1 200
OK search_button.png
1.bp.blogspot.com/_b8IA1ajBJG8/TOnmnDGC7II/AAAAAAAABx4/WwjtVUUD78M/s1600/ 1 KB
2 KB 28ms
6ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/_b8IA1ajBJG8/TOnmnDGC7II/AAAAAAAABx4/WwjtVUUD78M/s1600/search_button.png

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

d7f0e2bfc2c0cd54c6bfeec7780e7aa3d2a8eb1324228e719c947dff4751cde1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 05:52:55 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 13608
ETag: "v71e"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="search_button.png"
Timing-Allow-Origin: *
Content-Length: 1277
X-XSS-Protection: 0
Expires: Wed, 27 Mar 2019 14:34:32 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 83 KB
32 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

b6c4fb1904cf23fbc3f27c1ecf600f81fc95847e0a5667abd00f29d004e540e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 09:39:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 14171635074562667452
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 31914
X-XSS-Protection: 0
Expires: Sun, 07 Apr 2019 09:39:43 GMT

GET
H/1.1

204
No Content

/ Show response
go.padsdel.com/
Redirect Chain

http://go.padstm.com/?id=483196
http://go.padsdel.com/?id=483196

0
262 B

54ms
21ms

Script
text/html

188.42.162.135
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://go.padsdel.com/?id=483196
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Server: 188.42.162.135 , Luxembourg, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

Date: Sun, 07 Apr 2019 09:39:43 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: text/html
Location: http://go.padsdel.com/?id=483196
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 154

GET
H/1.1 200
OK ttj Show response
go.adversal.com/ 2 KB
2 KB 261ms
119ms Script
text/plain 67.192.42.10
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: http://go.adversal.com/ttj?id=1248820&size=300x250&promo_sizes=250x250,200x200,180x150&promo_alignment=center
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Server: 67.192.42.10 San Antonio, United States, ASN33070 (RMH-14 - Rackspace Hosting, US),
Reverse DNS
Software: Apache /
Resource Hash: 2090fbcdebbb13c1f0bc60e0749ddd513b8d69e88770b718f7d9da2439b20c5b

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Apr 2019 09:39:43 GMT
Last-Modified: Thu, 30 Aug 2018 14:27:31 GMT
Server: Apache
ETag: "7e0016-77d-574a7e01a8acc"
Content-Type: text/plain; charset=UTF-8
Cache-Control: no-cache, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
Connection: close
Accept-Ranges: bytes
Content-Length: 1917
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
614 B 21ms
6ms Image
image/png 2a00:1450:4001:825::2009
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 06 Apr 2019 03:53:50 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Apr 2019 02:29:48 GMT
server: sffe
age: 107153
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 475
x-xss-protection: 0
expires: Sat, 13 Apr 2019 03:53:50 GMT

GET
H/1.1 200
OK Untitled-3.jpg
3.bp.blogspot.com/-250i8ZiARno/T7z_qfnr39I/AAAAAAAAA3U/gTxroZk5Yes/s1600/ 19 KB
20 KB 698ms
676ms Image
image/jpeg 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-250i8ZiARno/T7z_qfnr39I/AAAAAAAAA3U/gTxroZk5Yes/s1600/Untitled-3.jpg

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

00814de5553816cf84b97a0badd5e9550a33455b3d5b75f0b73b28c9f15bcec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 09:39:44 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v375"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Untitled-3.jpg"
Timing-Allow-Origin: *
Content-Length: 19770
X-XSS-Protection: 0
Expires: Mon, 08 Apr 2019 09:39:44 GMT

GET
H2 200 getjs.aspx Show response
tag.contextweb.com/TagPublish/ 1 KB
1 KB 83ms
17ms Script
application/x-javascript 74.214.194.132
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=300X250&cwpid=547496&cwwidth=300&cwheight=250&cwpnet=1&cwtagid=128071
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.132 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: b58b9fc86a2d745c752b33f27b67a8c4341d33c9928d85d08fd275c3e5bf2b0a

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 07 Apr 2019 09:39:43 GMT
content-encoding: gzip
server: envoy
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: no-cache, no-store
x-envoy-upstream-service-time: 2
content-type: application/x-javascript
content-length: 727

GET t
ads.qadservice.com/ 0
0

GET
H/1.1 200
OK getjs.aspx Show response
tag.contextweb.com/TagPublish/ 1 KB
1 KB 64ms
19ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=160X600&cwpid=547496&cwwidth=160&cwheight=600&cwpnet=1&cwtagid=128609
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: fc2506463ee7767edd50f6966ef07a193b0bc89cc115f77dc095e867f3e28d39

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 07 Apr 2019 09:39:43 GMT
content-encoding: gzip
server: envoy
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: no-cache, no-store
x-envoy-upstream-service-time: 2
content-type: application/x-javascript
content-length: 727

GET
H/1.1 200
OK ttj Show response
go.adversal.com/ 2 KB
2 KB 262ms
117ms Script
text/plain 67.192.42.10
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: http://go.adversal.com/ttj?id=1248820&size=160x600&promo_sizes=120x600&promo_alignment=center
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Server: 67.192.42.10 San Antonio, United States, ASN33070 (RMH-14 - Rackspace Hosting, US),
Reverse DNS
Software: Apache /
Resource Hash: 2090fbcdebbb13c1f0bc60e0749ddd513b8d69e88770b718f7d9da2439b20c5b

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Apr 2019 09:39:43 GMT
Last-Modified: Thu, 30 Aug 2018 14:27:31 GMT
Server: Apache
ETag: "7e0016-77d-574a7e01a8acc"
Content-Type: text/plain; charset=UTF-8
Cache-Control: no-cache, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
Connection: close
Accept-Ranges: bytes
Content-Length: 1917
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found pagenumbers.js
bplugins.googlecode.com/files/ 0
0 37ms
14ms Script
text/html 2a00:1450:400c:c0a::52
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://bplugins.googlecode.com/files/pagenumbers.js
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Server: 2a00:1450:400c:c0a::52 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H/1.1 200
OK cookienotice.js Show response
www.pwnthis.net/js/ 6 KB
2 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:819::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.pwnthis.net/js/cookienotice.js

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Server

2a00:1450:4001:819::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.pwnthis.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://www.pwnthis.net/search/label/Slotomania
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 09:38:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 07 Apr 2019 01:19:37 GMT
Server: sffe
Age: 99
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 0
Expires: Sun, 14 Apr 2019 09:38:04 GMT

GET
H2 200 513541589-widgets.js Show response
www.blogger.com/static/v1/widgets/ 148 KB
53 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:825::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/513541589-widgets.js

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ab504ebf8f2ffbb9dd8170dd861b19dcc51dc94f7467b5aee2a456d075771627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 03 Apr 2019 23:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Apr 2019 19:43:05 GMT
server: sffe
age: 295772
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 54449
x-xss-protection: 0
expires: Thu, 02 Apr 2020 23:30:11 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.8RodOolT8JU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCOIo0_JuSGflMsDv4KwJaDwWj-arA/ 133 KB
47 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.8RodOolT8JU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCOIo0_JuSGflMsDv4KwJaDwWj-arA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

25c35bbb31c62c0d33d0c96e3ae0c6963654810254d3d72f94248fb958748d4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 05 Apr 2019 20:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Apr 2019 21:37:00 GMT
server: sffe
age: 132369
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 48297
x-xss-protection: 0
expires: Sat, 04 Apr 2020 20:53:34 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

7ms
6ms

Script
text/javascript

2a00:1450:4001:806::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:806::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 3862
date: Sun, 07 Apr 2019 08:35:21 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17168
expires: Sun, 07 Apr 2019 10:35:21 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
670 B 115ms
113ms Stylesheet
text/css 2a00:1450:4001:825::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3867102894804831668&zx=38287843-fbc0-42f9-8322-92c28cc94b0a

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sun, 07 Apr 2019 09:39:43 GMT
server: GSE
date: Sun, 07 Apr 2019 09:39:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.8RodOolT8JU.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCOIo0_JuSGflMsDv4KwJaDwWj-arA/ 52 KB
17 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.8RodOolT8JU.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCOIo0_JuSGflMsDv4KwJaDwWj-arA/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

78273316c41942e4b37ad995598c16c907ce75701dbb3e48e5f32553ce643070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 05 Apr 2019 20:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Apr 2019 21:37:00 GMT
server: sffe
age: 132147
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17289
x-xss-protection: 0
expires: Sat, 04 Apr 2020 20:57:16 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
627 B 7ms
5ms Script
text/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 06 Apr 2019 00:43:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
Age: 118560
ETag: 13036835877489095579
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: public, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 67
X-XSS-Protection: 1; mode=block
Expires: Sat, 20 Apr 2019 00:43:43 GMT

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

6ms
6ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

3a429770b773aaf7d49e70d01f6281b124317d59ddb5a08f88009088e8bf926d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: wzMrh/joO9t6u8BaKlwmKQ==
status: 200
date: Sun, 07 Apr 2019 09:39:43 GMT
vary: Accept-Encoding
content-length: 1781
x-fb-debug: yFV1uH34g09GqpMlEdXgJ9GJ3hk+VmDb5JFw+gREbwEYfNoljEsDZTIlphiXDlv8j2bmSPetyivgbLlP3bolfw==
x-fb-content-md5: 85531036f9d5ab52097632b794a479c0
etag: "0815309904aaba0cc1aa8c610ea047f8"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 07 Apr 2019 09:56:54 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js#xfbml=1&appId=207630375915744
Non-Authoritative-Reason: HSTS

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
172 B 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.pwnthis.net

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 07 Apr 2019 09:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
172 B 17ms
16ms Script
application/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pwnthis.net

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 07 Apr 2019 09:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/ 202 KB
76 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

385504a8ba06ed033a4b5e4013105a40bb470395441f08c4f79b8d2e9b980eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 09:39:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 12690070697657176582
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 76865
X-XSS-Protection: 0
Expires: Sun, 07 Apr 2019 09:39:43 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/ Frame 01A2 202 KB
76 KB 31ms
25ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

385504a8ba06ed033a4b5e4013105a40bb470395441f08c4f79b8d2e9b980eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 09:39:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 12690070697657176582
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 76865
X-XSS-Protection: 0
Expires: Sun, 07 Apr 2019 09:39:43 GMT

GET
H2 200 ca-pub-3090693951005014.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
291 B 7ms
6ms Script
text/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-3090693951005014.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 07 Apr 2019 09:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Apr 2019 20:43:33 GMT
server: sffe
age: 99
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 125
x-xss-protection: 0
expires: Sun, 07 Apr 2019 21:38:04 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190403/r20190131/ Frame 87B6 0
0 11ms
10ms Document
text/html 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190403/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190403/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.pwnthis.net/search/label/Slotomania
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 03 Apr 2019 21:23:49 GMT
expires: Wed, 17 Apr 2019 21:23:49 GMT
content-type: text/html; charset=UTF-8
etag: 3275482936266559025
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6909
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 303354
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2142322085&utmhn=www.pwnthis.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=PWNTH...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2142322085&utmhn=www.pwnthis.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=PWNT...

35 B
112 B

14ms
13ms

Image
image/gif

2a00:1450:4001:806::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2142322085&utmhn=www.pwnthis.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=PWNTHIS%3A%20Slotomania%20%7C%20Cheats%2C%20Hacks%20and%20Tips%20for%20Facebook%20Games&utmhid=1456074866&utmr=-&utmp=%2Fsearch%2Flabel%2FSlotomania&utmht=1554629983830&utmac=UA-22390598-1&utmcc=__utma%3D250174215.2141740646.1554629984.1554629984.1554629984.1%3B%2B__utmz%3D250174215.1554629984.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2054646716&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:806::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Apr 2019 09:39:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2142322085&utmhn=www.pwnthis.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=PWNTHIS%3A%20Slotomania%20%7C%20Cheats%2C%20Hacks%20and%20Tips%20for%20Facebook%20Games&utmhid=1456074866&utmr=-&utmp=%2Fsearch%2Flabel%2FSlotomania&utmht=1554629983830&utmac=UA-22390598-1&utmcc=__utma%3D250174215.2141740646.1554629984.1554629984.1554629984.1%3B%2B__utmz%3D250174215.1554629984.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2054646716&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H2 200 navbar.g
www.blogger.com/ Frame 50E7 0
0 585ms
585ms Document
text/html 2a00:1450:4001:825::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=3867102894804831668&blogName=PWNTHIS&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLACK&layoutType=LAYOUTS&searchRoot=http://www.pwnthis.net/search&blogLocale=en&v=2&homepageUrl=http://www.pwnthis.net/&vt=-8158558199473928814&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.8RodOolT8JU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOIo0_JuSGflMsDv4KwJaDwWj-arA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.8RodOolT8JU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCOIo0_JuSGflMsDv4KwJaDwWj-arA/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /navbar.g?targetBlogID=3867102894804831668&blogName=PWNTHIS&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLACK&layoutType=LAYOUTS&searchRoot=http://www.pwnthis.net/search&blogLocale=en&v=2&homepageUrl=http://www.pwnthis.net/&vt=-8158558199473928814&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.8RodOolT8JU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOIo0_JuSGflMsDv4KwJaDwWj-arA%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.pwnthis.net/search/label/Slotomania
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

status: 200
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 07 Apr 2019 09:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2570
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H/1.1 200
OK as Show response
go.adversal.com/ 75 KB
75 KB 294ms
135ms Script
text/plain 67.192.42.10
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: http://go.adversal.com/as?id=1248820&size=300x250&promo_sizes=250x250,200x200,180x150&promo_alignment=center&v=2
Requested by: Host: go.adversal.com
URL: http://go.adversal.com/ttj?id=1248820&size=300x250&promo_sizes=250x250,200x200,180x150&promo_alignment=center
Protocol: HTTP/1.1
Server: 67.192.42.10 San Antonio, United States, ASN33070 (RMH-14 - Rackspace Hosting, US),
Reverse DNS
Software: Apache /
Resource Hash: bd62cd903cf790d91dfc49b617dcd24c960e1bec7ded22ebbe8e28fccd0ef2ea

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Apr 2019 09:39:44 GMT
Last-Modified: Mon, 28 Jan 2019 15:05:42 GMT
Server: Apache
ETag: "7e004d-12bbd-5808602b07a93"
Content-Type: text/plain; charset=UTF-8
Cache-Control: no-cache, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
Connection: close
Accept-Ranges: bytes
Content-Length: 76733
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET

xo2zeK1NQXo
www.youtube.com/embed/ Frame 80E7
Redirect Chain

http://www.youtube.com/embed/xo2zeK1NQXo
https://www.youtube.com/embed/xo2zeK1NQXo

0
0

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 186 KB
55 KB 25ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=8bc59e2829217da092a466b43822e2b4&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

28105673ac21117e75ffd7075ae3ffd8c92b3159a199e38b811b142d147fef35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania
Origin: http://www.pwnthis.net

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: plky7EyHiGqntT1cjlaQ0w==
status: 200
date: Sun, 07 Apr 2019 09:39:43 GMT
vary: Accept-Encoding
content-length: 56136
x-fb-debug: YQKpM/mEDCE/T+OOrUiDYun5p564rA5mXWCetLYTUwAveTd9BzMtxe9+Or2EWz9vfOC/xIzyudHRYyqB8bsKIQ==
x-fb-content-md5: 712228d36f11067e908dbff36208033a
etag: "0cebe323c1a06d760607fb9d0bfdd8f5"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Mon, 06 Apr 2020 08:39:41 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
116 B 645ms
643ms Stylesheet
text/css 2a00:1450:4001:825::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3867102894804831668&zx=38287843-fbc0-42f9-8322-92c28cc94b0a

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sun, 07 Apr 2019 09:39:44 GMT
server: GSE
date: Sun, 07 Apr 2019 09:39:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK icontime.gif
3.bp.blogspot.com/_ubwIhqPcR6M/TIZYc9FH9JI/AAAAAAAAA9U/maYyFzJjeOY/s1600/ 631 B
1 KB 13ms
6ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/_ubwIhqPcR6M/TIZYc9FH9JI/AAAAAAAAA9U/maYyFzJjeOY/s1600/icontime.gif

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

bb72ea15d1c2a397bff55af91b566de7f15c62e97cead113597592b9893d3df1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 09:38:04 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 99
ETag: "v3d5"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="icontime.png"
Timing-Allow-Origin: *
Content-Length: 631
X-XSS-Protection: 0
Expires: Wed, 03 Apr 2019 03:16:38 GMT

GET
H/1.1 200
OK twitter1.png
1.bp.blogspot.com/_ubwIhqPcR6M/TIZZDKoUuUI/AAAAAAAAA9k/5tMMs9lM198/s1600/ 2 KB
2 KB 8ms
6ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/_ubwIhqPcR6M/TIZZDKoUuUI/AAAAAAAAA9k/5tMMs9lM198/s1600/twitter1.png

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

664f5a1471a1147e2f6c3faa8818d723610048bf169da33b49aa0cdbb0f1c135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 05:52:55 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 13608
ETag: "v3d9"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="twitter1.png"
Timing-Allow-Origin: *
Content-Length: 2013
X-XSS-Protection: 0
Expires: Thu, 04 Apr 2019 11:52:30 GMT

GET
H/1.1 200
OK facebook1.png
4.bp.blogspot.com/_ubwIhqPcR6M/TIZZXPQXpOI/AAAAAAAAA9s/eUtxrhfsQnw/s1600/ 2 KB
2 KB 41ms
13ms Image
image/png 2a00:1450:4016:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/_ubwIhqPcR6M/TIZZXPQXpOI/AAAAAAAAA9s/eUtxrhfsQnw/s1600/facebook1.png

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Server

2a00:1450:4016:80b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

7eaa6c54946e1b8598d1b3fa968b99821e963bc1ac4c1c16405dbee514751309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 06:32:19 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 11244
ETag: "v3db"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="facebook1.png"
Timing-Allow-Origin: *
Content-Length: 1648
X-XSS-Protection: 0
Expires: Wed, 03 Apr 2019 16:05:28 GMT

GET
H/1.1 200
OK rss1.png
4.bp.blogspot.com/_ubwIhqPcR6M/TIZZpMLXofI/AAAAAAAAA90/38UW2P6muCw/s1600/ 2 KB
3 KB 41ms
13ms Image
image/png 2a00:1450:4016:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/_ubwIhqPcR6M/TIZZpMLXofI/AAAAAAAAA90/38UW2P6muCw/s1600/rss1.png

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Server

2a00:1450:4016:80b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

9a26b7a04b54ee7d8dc27d564a5513e982f0cd2567583c8071190250c804ed2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 06:32:19 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 11244
ETag: "v3dd"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="rss1.png"
Timing-Allow-Origin: *
Content-Length: 2165
X-XSS-Protection: 0
Expires: Wed, 03 Apr 2019 17:37:26 GMT

GET
H/1.1 200
OK email.png
3.bp.blogspot.com/_ubwIhqPcR6M/TIZZ2uMQeWI/AAAAAAAAA98/Rl3vTdU58gU/s1600/ 2 KB
3 KB 12ms
6ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/_ubwIhqPcR6M/TIZZ2uMQeWI/AAAAAAAAA98/Rl3vTdU58gU/s1600/email.png

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

ff04606727a3a5fdf09a1f57a2d35a154aa6ce5244fa10a5d1b3ac1eed4b6252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 05:52:56 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 13607
ETag: "v3df"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="email.png"
Timing-Allow-Origin: *
Content-Length: 2409
X-XSS-Protection: 0
Expires: Thu, 04 Apr 2019 11:52:30 GMT

GET
H/1.1

200
OK

rtset Show response
bh.contextweb.com/bh/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_tc=
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEJudXvCBguRk5OvLQakeO6M&google_cver=1

0
706 B

78ms
20ms

Script
application/x-javascript

151.101.0.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEJudXvCBguRk5OvLQakeO6M&google_cver=1
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.7.v20170914) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 09:39:44 GMT
Via: 1.1 varnish
X-Cache: MISS
P3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection: keep-alive
Content-Length: 0
X-Served-By: cache-hhn1546-HHN
Server: Jetty(9.4.7.v20170914)
Vary: Accept-Encoding
Content-Language: en
Expires: -1
Cache-Control: private, max-age=0, no-cache, no-store
Accept-Ranges: bytes
Content-Type: application/x-javascript;charset=iso-8859-1
Cw-Server: bh-deployment-5b88dffbd-v4zr8
X-Cache-Hits: 0

Redirect headers

pragma: no-cache
date: Sun, 07 Apr 2019 09:39:43 GMT
server: HTTP server (unknown)
location: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEJudXvCBguRk5OvLQakeO6M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getjs.static.js Show response
tag-st.contextweb.com/TagPublish/ 32 KB
12 KB 59ms
10ms Script
application/x-javascript 151.101.0.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-st.contextweb.com/TagPublish/getjs.static.js?v=30
Requested by: Host: tag.contextweb.com
URL: https://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=300X250&cwpid=547496&cwwidth=300&cwheight=250&cwpnet=1&cwtagid=128071
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: envoy /
Resource Hash: bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sun, 07 Apr 2019 09:39:43 GMT
content-encoding: gzip
Age: 795
X-Cache: HIT
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
x-envoy-upstream-service-time: 10
Connection: keep-alive
Content-Length: 11296
X-Served-By: cache-hhn1545-HHN
server: envoy
X-Timer: S1554629984.941147,VS0,VE0
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
content-type: application/x-javascript
Via: 1.1 varnish
cache-control: max-age=432000, public
Accept-Ranges: bytes
X-Cache-Hits: 169

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5DD8 0
0 68ms
66ms Document
text/html 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3090693951005014&output=html&h=250&slotname=6001321194&adk=140015663&adf=83885205&w=300&lmt=1528958665&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&flash=0&avail_w=0&wgl=1&adsid=NT&dt=1554629983783&bpp=15&bdt=732&fdt=113&idt=112&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&correlator=1668140226282&frm=20&pv=2&ga_vid=2141740646.1554629984&ga_sid=1554629984&ga_hid=1456074866&ga_fc=1&iag=0&icsg=137439644160&dssz=33&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=324&ady=206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&uci=1.o78ulra91ha9&fsb=1&xpc=yYi9uaXTy4&p=http%3A//www.pwnthis.net&dtd=129

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3090693951005014&output=html&h=250&slotname=6001321194&adk=140015663&adf=83885205&w=300&lmt=1528958665&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&flash=0&avail_w=0&wgl=1&adsid=NT&dt=1554629983783&bpp=15&bdt=732&fdt=113&idt=112&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&correlator=1668140226282&frm=20&pv=2&ga_vid=2141740646.1554629984&ga_sid=1554629984&ga_hid=1456074866&ga_fc=1&iag=0&icsg=137439644160&dssz=33&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=324&ady=206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&uci=1.o78ulra91ha9&fsb=1&xpc=yYi9uaXTy4&p=http%3A//www.pwnthis.net&dtd=129
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.pwnthis.net/search/label/Slotomania
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 07 Apr 2019 09:39:43 GMT
server: cafe
content-length: 380
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 07-Apr-2019 09:54:43 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires: Sun, 07 Apr 2019 09:39:43 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 77 KB
29 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

107656bc3f573737e66b5865e8cdd07d4cf88011636d813b5513f58ba6e24088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 07 Apr 2019 09:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1554462934298718"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 29096
x-xss-protection: 0
expires: Sun, 07 Apr 2019 09:39:43 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2F48 0
0 75ms
74ms Document
text/html 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3090693951005014&output=html&h=250&slotname=6001321194&adk=140015663&adf=1207257747&w=300&lmt=1528958665&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&flash=0&avail_w=0&wgl=1&adsid=NT&dt=1554629983798&bpp=10&bdt=747&fdt=131&idt=97&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1668140226282&frm=20&pv=1&ga_vid=2141740646.1554629984&ga_sid=1554629984&ga_hid=1456074866&ga_fc=1&iag=0&icsg=8933532666368&dssz=34&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=626&ady=206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=2&uci=2.2qi8pmjn57ag&fsb=1&xpc=Ehfr67YoSJ&p=http%3A//www.pwnthis.net&dtd=136

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3090693951005014&output=html&h=250&slotname=6001321194&adk=140015663&adf=1207257747&w=300&lmt=1528958665&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&flash=0&avail_w=0&wgl=1&adsid=NT&dt=1554629983798&bpp=10&bdt=747&fdt=131&idt=97&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1668140226282&frm=20&pv=1&ga_vid=2141740646.1554629984&ga_sid=1554629984&ga_hid=1456074866&ga_fc=1&iag=0&icsg=8933532666368&dssz=34&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=626&ady=206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=2&uci=2.2qi8pmjn57ag&fsb=1&xpc=Ehfr67YoSJ&p=http%3A//www.pwnthis.net&dtd=136
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.pwnthis.net/search/label/Slotomania
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 07 Apr 2019 09:39:44 GMT
server: cafe
content-length: 379
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 07-Apr-2019 09:54:43 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires: Sun, 07 Apr 2019 09:39:44 GMT
cache-control: private

GET
H2 200 d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 40C3 0
0 21ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=8bc59e2829217da092a466b43822e2b4&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.pwnthis.net/search/label/Slotomania
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Fri, 03 Apr 2020 20:06:11 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: uhJ2EoNry03ib2wm9x4u8Gj1GYN7k34QE2fVUalH0vEnStDRkAAwygeWejkM1H5NqaJCWl1/m/qRRjj3lXTPxw==
content-length: 10997
date: Sun, 07 Apr 2019 09:39:43 GMT

GET
H/1.1 404
Not Found pagenumbers.js
bplugins.googlecode.com/files/ 0
0 16ms
15ms Script
text/html 2a00:1450:400c:c0a::52
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://bplugins.googlecode.com/files/pagenumbers.js
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Server: 2a00:1450:400c:c0a::52 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 GetAd.aspx Show response
ams-ads.contextweb.com/TagPublish/ Frame 7C13 3 KB
2 KB 45ms
18ms Script
application/x-javascript 74.214.194.132
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=547496&ct=128071&cwod=&epid=&esid=&ccid=&wp=0&cf=300X250&asv=30&eid=&rq=1&dw=1600&cwu=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&cwr=&mrnd=60555304&if=0&tl=1&pxy=959,305&cxy=1600,1200&dxy=1600,177&tz=0&ln=en-US&acid=pp_ad_container_0
Requested by: Host: tag-st.contextweb.com
URL: https://tag-st.contextweb.com/TagPublish/getjs.static.js?v=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.132 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: ebf197d9412d19f40c6a004477d9bcb1eb5168eda990ae0dc4b5316187cce160

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Apr 2019 09:39:44 GMT
content-encoding: gzip
server: envoy
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: private, max-age=0, no-cache, no-store
cwdl: 12/110
x-envoy-upstream-service-time: 3
content-type: application/x-javascript; charset=utf-8
cw-server: TAG-DEPLOYMENT-69F97CC5D4-259TN:8080 TAG-DEPLOYMENT-69F97CC5D4-259TN:8080
content-length: 1465
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK GetAd.aspx Show response
ams-ads.contextweb.com/TagPublish/ Frame 98C9 3 KB
2 KB 58ms
21ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=547496&ct=128609&cwod=&epid=&esid=&ccid=&wp=0&cf=160X600&asv=30&eid=&rq=1&dw=1600&cwu=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&cwr=&mrnd=18005353&if=0&tl=2&pxy=1117,562&cxy=1600,1200&dxy=1600,177&tz=0&ln=en-US&acid=pp_ad_container_1
Requested by: Host: tag-st.contextweb.com
URL: https://tag-st.contextweb.com/TagPublish/getjs.static.js?v=30
Protocol: HTTP/1.1
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: eaa34f54a04977468dbae1ff33f7ca1e1c430c4ba3f044fbd2551375c4202085

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Apr 2019 09:39:43 GMT
content-encoding: gzip
server: envoy
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cwdl: 12/110
x-envoy-upstream-service-time: 4
content-type: application/x-javascript; charset=utf-8
cw-server: TAG-DEPLOYMENT-69F97CC5D4-4XZC6:8080 TAG-DEPLOYMENT-69F97CC5D4-4XZC6:8080
content-length: 1442
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 404
Not Found pagenumbers.js
bplugins.googlecode.com/files/ 0
0 16ms
14ms Script
text/html 2a00:1450:400c:c0a::52
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://bplugins.googlecode.com/files/pagenumbers.js
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Server: 2a00:1450:400c:c0a::52 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET ttj
ads.fidelity-media.com/ Frame 7C13 0
0

GET
H/1.1 200
OK l.gif
pp-m.ns1p.net/a/ Frame 7C13 43 B
407 B 65ms
7ms Image
image/gif 45.77.54.226
Choopa

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pp-m.ns1p.net/a/l.gif?t=Q6VlJ

Requested by

Host: ams-ads.contextweb.com
URL: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=547496&ct=128071&cwod=&epid=&esid=&ccid=&wp=0&cf=300X250&asv=30&eid=&rq=1&dw=1600&cwu=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&cwr=&mrnd=60555304&if=0&tl=1&pxy=959,305&cxy=1600,1200&dxy=1600,177&tz=0&ln=en-US&acid=pp_ad_container_0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.77.54.226 Matawan, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),

Reverse DNS

45.77.54.226.vultr.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Apr 2019 09:39:44 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H2 204 400066.gif
idsync.rlcdn.com/ Frame 7C13 0
35 B 329ms
107ms Image
text/plain 52.200.63.47
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/400066.gif?partner_uid=KWuaG62g1ouj&gdpr=1&gdpr_consent=
Requested by: Host: ams-ads.contextweb.com
URL: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=547496&ct=128071&cwod=&epid=&esid=&ccid=&wp=0&cf=300X250&asv=30&eid=&rq=1&dw=1600&cwu=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&cwr=&mrnd=60555304&if=0&tl=1&pxy=959,305&cxy=1600,1200&dxy=1600,177&tz=0&ln=en-US&acid=pp_ad_container_0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.63.47 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-200-63-47.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Sun, 07 Apr 2019 09:39:44 GMT

GET
H/1.1

200
OK

demconf.jpg Show response
dpm.demdex.net/ Frame 7C13
Redirect Chain

https://dpm.demdex.net/ibs:dpid=96678&dpuuid=KWuaG62g1ouj
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=KWuaG62g1ouj

42 B
769 B

33ms
32ms

Script
image/gif

34.247.143.160
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=KWuaG62g1ouj
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.143.160 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-143-160.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v026-010643adc.edge-irl1.demdex.com 5.51.2.20190403131314 4ms
Pragma: no-cache
X-TID: e8tsW7pUQoE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
X-TID: k0KZC/s+SQ8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=KWuaG62g1ouj
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html
platform.twitter.com/widgets/ Frame 7B6E 0
0 31ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=http%3A%2F%2Fwww.pwnthis.net&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/419C) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.pwnthis.net/search/label/Slotomania
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 07 Apr 2019 09:39:44 GMT
Etag: "347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified: Thu, 07 Mar 2019 17:39:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/419C)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5783

GET
H/1.1 200
OK button.dd024c345fc26f7c7a8d9938b67e5d3d.js Show response
platform.twitter.com/js/ 7 KB
3 KB 33ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.dd024c345fc26f7c7a8d9938b67e5d3d.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A1) /
Resource Hash: bec117b5be8f22e9305be68965e3734a5135357a3ac88cda5814b7069a1c62dc

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 09:39:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:39:15 GMT
Server: ECS (fcn/41A1)
Etag: "481d209bbcd2464884d57a77bc64e947+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 2293

GET
H2

200

d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame F69D
Redirect Chain

https://www.facebook.com/connect/ping?client_id=207630375915744&domain=www.pwnthis.net&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversio...
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44

0
0

6ms
6ms

Document
text/html

2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=8bc59e2829217da092a466b43822e2b4&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.pwnthis.net/search/label/Slotomania
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Fri, 03 Apr 2020 20:06:11 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: uhJ2EoNry03ib2wm9x4u8Gj1GYN7k34QE2fVUalH0vEnStDRkAAwygeWejkM1H5NqaJCWl1/m/qRRjj3lXTPxw==
content-length: 10997
date: Sun, 07 Apr 2019 09:39:44 GMT

Redirect headers

status: 302
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
location: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44#cb=f210ec8c5ac48d4&domain=www.pwnthis.net&origin=http%3A%2F%2Fwww.pwnthis.net%2Ff2b22a2f3a47&relation=parent&error=unknown_user
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-content-type-options: nosniff
x-xss-protection: 0
expect-ct: max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type: text/html; charset="utf-8"
x-fb-debug: oGVpiZ3yrN7wDpb+a8wFXHu+yeLeJrnUrARfwT9y2MlvEEamjWmDWnQ6Q+4g70+KhZpuh5Tm4cGXnO0Bqcjb0A==
content-length: 0
date: Sun, 07 Apr 2019 09:39:44 GMT

GET
H2 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.8RodOolT8JU.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCOIo0_JuSGflMsDv4KwJaDwWj-arA/ 75 KB
27 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.8RodOolT8JU.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCOIo0_JuSGflMsDv4KwJaDwWj-arA/cb=gapi.loaded_2

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

2fe2d9a82bb36a32e06fa899f38698795adc30c5d33d70239822314f3f1961c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 05 Apr 2019 22:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Apr 2019 21:37:00 GMT
server: sffe
age: 128055
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27180
x-xss-protection: 0
expires: Sat, 04 Apr 2020 22:05:29 GMT

GET
H2

404

fastbutton
plus.google.com/se/0/_/+1/ Frame B5C3
Redirect Chain

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=tall&hl=en-US&origin=http%3A%2F%2Fwww.pwnthis.net&url=http%3A%2F%2Fwww.pwnthis.net%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2...
https://plus.google.com/se/0/_/+1/fastbutton?usegapi=1&size=tall&hl=en-US&origin=http://www.pwnthis.net&url=http://www.pwnthis.net/&gsrc=3p&ic=1&jsh=m;/_/scs/apps-static/_/js/k%3Doz.gapi.en_US.8Rod...

0
0

75ms
44ms

Document
text/html

2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://plus.google.com/se/0/_/+1/fastbutton?usegapi=1&size=tall&hl=en-US&origin=http://www.pwnthis.net&url=http://www.pwnthis.net/&gsrc=3p&ic=1&jsh=m;/_/scs/apps-static/_/js/k%3Doz.gapi.en_US.8RodOolT8JU.O/am%3DwQ/rt%3Dj/d%3D1/rs%3DAGLTcCOIo0_JuSGflMsDv4KwJaDwWj-arA/m%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: plus.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=tall&hl=en-US&origin=http://www.pwnthis.net&url=http://www.pwnthis.net/&gsrc=3p&ic=1&jsh=m;/_/scs/apps-static/_/js/k%3Doz.gapi.en_US.8RodOolT8JU.O/am%3DwQ/rt%3Dj/d%3D1/rs%3DAGLTcCOIo0_JuSGflMsDv4KwJaDwWj-arA/m%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.pwnthis.net/search/label/Slotomania
accept-encoding: gzip, deflate, br
cookie: NID=180=Mfw_vxtjJvCh06zuU6aw0_52yvc-JDIeGUM9VrdvnWImcppaajdYw2g9zI6m2pz3ZpdzJM7mptomq5eiv9md69-VCewezfyeJTC7G3ruiTleVxyXKcwDbAajlTqpQ6qmRKODEfl0QTcs217s1EVyHnMDnLyN7TBR6gP7_uiKvmU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

status: 404
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 07 Apr 2019 09:39:44 GMT
content-security-policy-report-only: script-src 'report-sample' 'nonce-KS243/CrIM4yyMb6HYD1yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status: 302
content-type: application/binary
x-ua-compatible: IE=edge, chrome=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 07 Apr 2019 09:39:44 GMT
location: https://plus.google.com:443/se/0/_/+1/fastbutton?usegapi=1&size=tall&hl=en-US&origin=http://www.pwnthis.net&url=http://www.pwnthis.net/&gsrc=3p&ic=1&jsh=m;/_/scs/apps-static/_/js/k%3Doz.gapi.en_US.8RodOolT8JU.O/am%3DwQ/rt%3Dj/d%3D1/rs%3DAGLTcCOIo0_JuSGflMsDv4KwJaDwWj-arA/m%3D__features__
content-security-policy-report-only: script-src 'report-sample' 'nonce-2b23itDM2ZhKXo1cmI0EYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
server: ESF
content-length: 0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET ttj
ads.fidelity-media.com/ Frame 98C9 0
0

GET
H/1.1 200
OK l.gif
pp-m.ns1p.net/a/ Frame 98C9 43 B
407 B 45ms
7ms Image
image/gif 45.76.91.25
Choopa

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pp-m.ns1p.net/a/l.gif?t=Zv7KT

Requested by

Host: ams-ads.contextweb.com
URL: http://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=547496&ct=128609&cwod=&epid=&esid=&ccid=&wp=0&cf=160X600&asv=30&eid=&rq=1&dw=1600&cwu=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&cwr=&mrnd=18005353&if=0&tl=2&pxy=1117,562&cxy=1600,1200&dxy=1600,177&tz=0&ln=en-US&acid=pp_ad_container_1

Protocol

HTTP/1.1

Server

45.76.91.25 Frankfurt Am Main, Germany, ASN20473 (AS-CHOOPA - Choopa, LLC, US),

Reverse DNS

45.76.91.25.vultr.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Apr 2019 09:39:44 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 204
No Content 400066.gif
idsync.rlcdn.com/ Frame 98C9 0
88 B 455ms
230ms Image
text/plain 52.0.206.42
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://idsync.rlcdn.com/400066.gif?partner_uid=VBtB493PCSLv&gdpr=1&gdpr_consent=
Requested by: Host: ams-ads.contextweb.com
URL: http://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=547496&ct=128609&cwod=&epid=&esid=&ccid=&wp=0&cf=160X600&asv=30&eid=&rq=1&dw=1600&cwu=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&cwr=&mrnd=18005353&if=0&tl=2&pxy=1117,562&cxy=1600,1200&dxy=1600,177&tz=0&ln=en-US&acid=pp_ad_container_1
Protocol: HTTP/1.1
Server: 52.0.206.42 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-0-206-42.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 07 Apr 2019 09:39:44 GMT

GET
H/1.1

200
OK

demconf.jpg Show response
dpm.demdex.net/ Frame 98C9
Redirect Chain

http://dpm.demdex.net/ibs:dpid=96678&dpuuid=VBtB493PCSLv
http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=VBtB493PCSLv

42 B
769 B

35ms
35ms

Script
image/gif

52.214.222.48
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=VBtB493PCSLv
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Server: 52.214.222.48 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-214-222-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v026-01f69c86e.edge-irl1.demdex.com 5.51.2.20190403131314 4ms
Pragma: no-cache
X-TID: uMtUQWD7Qns=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
X-TID: dbdHzqHPQS8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=VBtB493PCSLv
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame A8C0 0
0 336ms
334ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=207630375915744&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Dfd69d5aeaa1278%26domain%3Dwww.pwnthis.net%26origin%3Dhttp%253A%252F%252Fwww.pwnthis.net%252Ff2b22a2f3a47%26relation%3Dparent.parent&container_width=0&font=verdana&href=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&layout=box_count&locale=en_US&sdk=joey&send=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=8bc59e2829217da092a466b43822e2b4&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=207630375915744&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Dfd69d5aeaa1278%26domain%3Dwww.pwnthis.net%26origin%3Dhttp%253A%252F%252Fwww.pwnthis.net%252Ff2b22a2f3a47%26relation%3Dparent.parent&container_width=0&font=verdana&href=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&layout=box_count&locale=en_US&sdk=joey&send=false&show_faces=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.pwnthis.net/search/label/Slotomania
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expect-ct: max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type: text/html; charset="utf-8"
x-fb-debug: 9o19fI0P8vUhOh4P4iAmoX+NtOqK9tVfChun93zIFFPOzKp9txMYYgl5olU/vQaV4AHosaNPWzS+CLqwtl3Igg==
date: Sun, 07 Apr 2019 09:39:44 GMT

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame 1FCF 0
0 57ms
41ms Document
text/html 2a00:1450:4001:81f::200d
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.pwnthis.net&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.8RodOolT8JU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOIo0_JuSGflMsDv4KwJaDwWj-arA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.8RodOolT8JU.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCOIo0_JuSGflMsDv4KwJaDwWj-arA/cb=gapi.loaded_2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::200d , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pUpOR1zwSaDNBlIE9IvO9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.pwnthis.net&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.8RodOolT8JU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOIo0_JuSGflMsDv4KwJaDwWj-arA%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.pwnthis.net/search/label/Slotomania
accept-encoding: gzip, deflate, br
cookie: NID=180=Mfw_vxtjJvCh06zuU6aw0_52yvc-JDIeGUM9VrdvnWImcppaajdYw2g9zI6m2pz3ZpdzJM7mptomq5eiv9md69-VCewezfyeJTC7G3ruiTleVxyXKcwDbAajlTqpQ6qmRKODEfl0QTcs217s1EVyHnMDnLyN7TBR6gP7_uiKvmU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 07 Apr 2019 09:39:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-pUpOR1zwSaDNBlIE9IvO9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H/1.1 200
OK tweet_button.2e9f365dae390394eb8d923cba8c5b11.en.html
platform.twitter.com/widgets/ Frame 492E 0
0 8ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2e9f365dae390394eb8d923cba8c5b11.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B5) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.pwnthis.net/search/label/Slotomania
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 07 Apr 2019 09:39:44 GMT
Etag: "8dadfe02e828fc4a9d61e33bdd1df329+gzip"
Last-Modified: Thu, 07 Mar 2019 17:39:22 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40B5)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12257

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
371 B 134ms
134ms Image
image/gif 104.244.42.136
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1554629984350%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22c1f189f%3A1551939852453%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 07 Apr 2019 09:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 116
pragma: no-cache
last-modified: Sun, 07 Apr 2019 09:39:44 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 730590981f1671aba3b2fe93724c9fe9
x-transaction: 007e9c420035f5b1
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK p.js Show response
c.ns1p.net/ Frame 7C13 5 KB
5 KB 49ms
7ms Script
application/javascript 45.77.54.226
Choopa

General

Check archive.org

Show headers Download Go to

Full URL

http://c.ns1p.net/p.js?a=1mbjnam

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Server

45.77.54.226 Matawan, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),

Reverse DNS

45.77.54.226.vultr.com

Software

nginx /

Resource Hash

67e6c780fa5038f3e5057d01c0b0d7be4c136fcb0352f70137b04ea98adcd7e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 09:39:44 GMT
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 08 Apr 2019 09:39:44 GMT

GET
H/1.1 200
OK / Show response
s.ns1p.net/ Frame 7C13 118 B
449 B 49ms
8ms Script
application/javascript 45.76.91.25
Choopa

General

Check archive.org

Show headers Download Go to

Full URL

http://s.ns1p.net/?v=1536174158&a=1mbjnam

Requested by

Host: c.ns1p.net
URL: http://c.ns1p.net/p.js?a=1mbjnam

Protocol

HTTP/1.1

Server

45.76.91.25 Frankfurt Am Main, Germany, ASN20473 (AS-CHOOPA - Choopa, LLC, US),

Reverse DNS

45.76.91.25.vultr.com

Software

psched /

Resource Hash

787dd206de9a6b911960e174e2e0bf271e93e06ba4fb3a9da8f288ed0f718229

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 09:39:44 GMT
X-Content-Type-Options: nosniff
Server: psched
Etag: "42eba3bd9d6513ceab83329985487e3f98adf8ab"
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Content-Length: 118
X-XSS-Protection: 1; mode=block
Expires: Sun, 07 Apr 2019 09:39:43 GMT

GET
H/1.1 200
OK in Show response
go.adversal.com/ 0
150 B 259ms
125ms Script
text/html 67.192.42.10
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: http://go.adversal.com/in?%7B%22plcs%22%3A%7B%221248820%22%3A%7B%22aus%22%3A%7B%221%22%3A%7B%22mt%22%3A%22B%22%2C%22asr%22%3A1%2C%22szinfo%22%3A%7B%22sz%22%3A%22300x250%22%2C%22psz%22%3A%22250x250%2C200x200%2C180x150%22%7D%2C%22cinfo%22%3A%7B%22csz%22%3A%22300x0%22%2C%22wsz%22%3A%221600x1200%22%2C%22docsz%22%3A%221585x2422%22%2C%22scnsz%22%3A%221600x1200%22%7D%7D%2C%222%22%3A%7B%22mt%22%3A%22B%22%2C%22asr%22%3A1%2C%22szinfo%22%3A%7B%22sz%22%3A%22160x600%22%7D%2C%22cinfo%22%3A%7B%22csz%22%3A%220x0%22%2C%22wsz%22%3A%221600x1200%22%2C%22docsz%22%3A%221585x2422%22%2C%22scnsz%22%3A%221600x1200%22%7D%7D%7D%7D%7D%2C%22c%22%3A2%2C%22dvc%22%3A%22dt%22%2C%22loc%22%3A%7B%22h2%22%3A%22www.pwnthis.net%22%2C%22u%22%3A%22http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania%22%7D%7D
Requested by: Host: go.adversal.com
URL: http://go.adversal.com/as?id=1248820&size=300x250&promo_sizes=250x250,200x200,180x150&promo_alignment=center&v=2
Protocol: HTTP/1.1
Server: 67.192.42.10 San Antonio, United States, ASN33070 (RMH-14 - Rackspace Hosting, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 09:39:44 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK l.gif
pstatic03_sfo03.nsone.co/a/ Frame 7C13 43 B
407 B 331ms
158ms Image
image/gif 52.8.223.239
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pstatic03_sfo03.nsone.co/a/l.gif?t=pb2866

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Server

52.8.223.239 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-8-223-239.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Apr 2019 09:39:44 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK p.js Show response
c.ns1p.net/ Frame 98C9 5 KB
0 49ms
7ms Script
application/javascript 45.77.54.226
Choopa

General

Check archive.org

Show headers Download Go to

Full URL

http://c.ns1p.net/p.js?a=1mbjnam

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Server

45.77.54.226 Matawan, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),

Reverse DNS

45.77.54.226.vultr.com

Software

nginx /

Resource Hash

67e6c780fa5038f3e5057d01c0b0d7be4c136fcb0352f70137b04ea98adcd7e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 09:39:44 GMT
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 08 Apr 2019 09:39:44 GMT

GET
H/1.1 200
OK / Show response
s.ns1p.net/ Frame 98C9 118 B
449 B 49ms
8ms Script
application/javascript 45.76.91.25
Choopa

General

Check archive.org

Show headers Download Go to

Full URL

http://s.ns1p.net/?v=1536174158&a=1mbjnam

Requested by

Host: c.ns1p.net
URL: http://c.ns1p.net/p.js?a=1mbjnam

Protocol

HTTP/1.1

Server

45.76.91.25 Frankfurt Am Main, Germany, ASN20473 (AS-CHOOPA - Choopa, LLC, US),

Reverse DNS

45.76.91.25.vultr.com

Software

psched /

Resource Hash

34548a10f0f8539c0de58acd6b04e7102a332fb92dab4bed095b33533ecd1fbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
If-None-Match: "42eba3bd9d6513ceab83329985487e3f98adf8ab"

Response headers

Date: Sun, 07 Apr 2019 09:39:44 GMT
X-Content-Type-Options: nosniff
Server: psched
Etag: "ba9873a691b87bed92853fd09b7ba87adfd8030f"
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Content-Length: 118
X-XSS-Protection: 1; mode=block
Expires: Sun, 07 Apr 2019 09:39:43 GMT

GET
H/1.1 200
OK l.gif
pstatic03_sfo03.nsone.co/a/ Frame 98C9 43 B
407 B 350ms
163ms Image
image/gif 52.8.223.239
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pstatic03_sfo03.nsone.co/a/l.gif?t=4vnxib

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Server

52.8.223.239 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-8-223-239.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Apr 2019 09:39:44 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK l.gif
pstatic03_sfo03.nsone.co/a/ Frame 7C13 43 B
407 B 159ms
158ms Image
image/gif 52.8.223.239
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pstatic03_sfo03.nsone.co/a/l.gif?t=8ubp6y

Protocol

HTTP/1.1

Server

52.8.223.239 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-8-223-239.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Apr 2019 09:39:44 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK l.gif
pstatic03_sfo03.nsone.co/a/ Frame 98C9 43 B
407 B 159ms
159ms Image
image/gif 52.8.223.239
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pstatic03_sfo03.nsone.co/a/l.gif?t=xnxe18

Protocol

HTTP/1.1

Server

52.8.223.239 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-8-223-239.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Apr 2019 09:39:45 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK l.gif
pstatic03_sfo03.nsone.co/a/ Frame 7C13 43 B
407 B 163ms
163ms Image
image/gif 52.8.223.239
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pstatic03_sfo03.nsone.co/a/l.gif?t=7c9a7u

Protocol

HTTP/1.1

Server

52.8.223.239 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-8-223-239.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Apr 2019 09:39:45 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK l.gif
pstatic03_sfo03.nsone.co/a/ Frame 98C9 43 B
407 B 159ms
158ms Image
image/gif 52.8.223.239
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pstatic03_sfo03.nsone.co/a/l.gif?t=6fkev2

Protocol

HTTP/1.1

Server

52.8.223.239 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-8-223-239.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Apr 2019 09:39:45 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 204
No Content / Show response
b.ns1p.net/ Frame 7C13 0
267 B 48ms
6ms Script
application/javascript 45.76.91.25
Choopa

General

Check archive.org

Show headers Download Go to

Full URL

http://b.ns1p.net/?v=1536174158&a=1mbjnam&x=1543wt0&s=15gjo8m&r=1uxxo37:i|200|158!i|200|159!i|200|163

Requested by

Host: c.ns1p.net
URL: http://c.ns1p.net/p.js?a=1mbjnam

Protocol

HTTP/1.1

Server

45.76.91.25 Frankfurt Am Main, Germany, ASN20473 (AS-CHOOPA - Choopa, LLC, US),

Reverse DNS

45.76.91.25.vultr.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 09:39:45 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-XSS-Protection: 1; mode=block
Expires: Sun, 07 Apr 2019 09:39:44 GMT

GET
H/1.1 204
No Content / Show response
b.ns1p.net/ Frame 98C9 0
267 B 33ms
6ms Script
application/javascript 45.76.91.25
Choopa

General

Check archive.org

Show headers Download Go to

Full URL

http://b.ns1p.net/?v=1536174158&a=1mbjnam&x=1ym5xr7&s=1yynt6p&r=1uxxo37:i|200|163!i|200|159!i|200|158

Requested by

Host: c.ns1p.net
URL: http://c.ns1p.net/p.js?a=1mbjnam

Protocol

HTTP/1.1

Server

45.76.91.25 Frankfurt Am Main, Germany, ASN20473 (AS-CHOOPA - Choopa, LLC, US),

Reverse DNS

45.76.91.25.vultr.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 09:39:45 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-XSS-Protection: 1; mode=block
Expires: Sun, 07 Apr 2019 09:39:44 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ads.qadservice.com
URL: http://ads.qadservice.com/t?id=1d2c9622-8ea4-4065-ae50-650b0b11978a&size=728x90

Domain: www.youtube.com
URL: https://www.youtube.com/embed/xo2zeK1NQXo

Domain: ads.fidelity-media.com
URL: http://ads.fidelity-media.com/ttj?id=1101707&size=300x250&promo_sizes=250x250,300x600,300x50,200x200,180x150,216x36&promo_alignment=center

Domain: ads.fidelity-media.com
URL: http://ads.fidelity-media.com/ttj?id=1101706&size=160x600&promo_sizes=120x600&promo_alignment=center

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-18 23:50:30	Name: test_cookie Value: CheckForPermission
.pwnthis.net/	1970-01-18 23:50:31	Name: __utmb Value: 250174215.1.10.1554629984
.google.com/	1970-01-19 04:14:01	Name: NID Value: 180=Mfw_vxtjJvCh06zuU6aw0_52yvc-JDIeGUM9VrdvnWImcppaajdYw2g9zI6m2pz3ZpdzJM7mptomq5eiv9md69-VCewezfyeJTC7G3ruiTleVxyXKcwDbAajlTqpQ6qmRKODEfl0QTcs217s1EVyHnMDnLyN7TBR6gP7_uiKvmU
.pwnthis.net/	1970-01-19 17:21:41	Name: __utma Value: 250174215.2141740646.1554629984.1554629984.1554629984.1
.pwnthis.net/	1970-01-18 23:50:30	Name: __utmt Value: 1
.pwnthis.net/	1970-01-19 04:13:17	Name: __utmz Value: 250174215.1554629984.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.doubleclick.net/	1970-01-19 09:12:05	Name: IDE Value: AHWqTUkXLny6_91QBJgDN5g2jjKfnAZPAx6b7p0Vvkl00fQ8QVuwGben_5gcN9FI
.pwnthis.net/	1969-12-31 23:59:59	Name: __utmc Value: 250174215

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
accounts.google.com
ads.fidelity-media.com
ads.qadservice.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ams-ads.contextweb.com
apis.google.com
b.ns1p.net
bh.contextweb.com
bplugins.googlecode.com
c.ns1p.net
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
go.adversal.com
go.padsdel.com
go.padstm.com
googleads.g.doubleclick.net
idsync.rlcdn.com
pagead2.googlesyndication.com
platform.twitter.com
plus.google.com
pp-m.ns1p.net
pstatic03_sfo03.nsone.co
resources.blogblog.com
s.ns1p.net
staticxx.facebook.com
syndication.twitter.com
tag-st.contextweb.com
tag.contextweb.com
www.blogger.com
www.facebook.com
www.google-analytics.com
www.googletagservices.com
www.kliptu.com
www.pwnthis.net
www.youtube.com
ads.fidelity-media.com
ads.qadservice.com
www.youtube.com
104.244.42.136
151.101.0.166
172.217.21.226
188.42.162.135
188.42.162.229
209.99.16.15
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:808::2001
2a00:1450:4001:808::200a
2a00:1450:4001:809::2002
2a00:1450:4001:814::200e
2a00:1450:4001:816::2002
2a00:1450:4001:819::2002
2a00:1450:4001:819::2013
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2002
2a00:1450:4001:81f::200d
2a00:1450:4001:821::2002
2a00:1450:4001:825::2009
2a00:1450:400c:c0a::52
2a00:1450:4016:80b::2001
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.247.143.160
45.76.91.25
45.77.54.226
52.0.206.42
52.200.63.47
52.214.222.48
52.8.223.239
67.192.42.10
74.214.194.131
74.214.194.132
00814de5553816cf84b97a0badd5e9550a33455b3d5b75f0b73b28c9f15bcec5
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
107656bc3f573737e66b5865e8cdd07d4cf88011636d813b5513f58ba6e24088
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
2090fbcdebbb13c1f0bc60e0749ddd513b8d69e88770b718f7d9da2439b20c5b
25c35bbb31c62c0d33d0c96e3ae0c6963654810254d3d72f94248fb958748d4f
28105673ac21117e75ffd7075ae3ffd8c92b3159a199e38b811b142d147fef35
2fe2d9a82bb36a32e06fa899f38698795adc30c5d33d70239822314f3f1961c1
34548a10f0f8539c0de58acd6b04e7102a332fb92dab4bed095b33533ecd1fbd
385504a8ba06ed033a4b5e4013105a40bb470395441f08c4f79b8d2e9b980eec
3a429770b773aaf7d49e70d01f6281b124317d59ddb5a08f88009088e8bf926d
460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19
4c3bd13053703f0d96a542f033a16166f4f640303bc334c7c6ac9ff75b333721
664f5a1471a1147e2f6c3faa8818d723610048bf169da33b49aa0cdbb0f1c135
67e6c780fa5038f3e5057d01c0b0d7be4c136fcb0352f70137b04ea98adcd7e9
78273316c41942e4b37ad995598c16c907ce75701dbb3e48e5f32553ce643070
787dd206de9a6b911960e174e2e0bf271e93e06ba4fb3a9da8f288ed0f718229
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
7eaa6c54946e1b8598d1b3fa968b99821e963bc1ac4c1c16405dbee514751309
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
9a26b7a04b54ee7d8dc27d564a5513e982f0cd2567583c8071190250c804ed2d
9c8604e0fb6db5384ded555402216456ff70e17e242c8b54035c157c44eba3f0
ab504ebf8f2ffbb9dd8170dd861b19dcc51dc94f7467b5aee2a456d075771627
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b58b9fc86a2d745c752b33f27b67a8c4341d33c9928d85d08fd275c3e5bf2b0a
b6c4fb1904cf23fbc3f27c1ecf600f81fc95847e0a5667abd00f29d004e540e0
bb72ea15d1c2a397bff55af91b566de7f15c62e97cead113597592b9893d3df1
bd62cd903cf790d91dfc49b617dcd24c960e1bec7ded22ebbe8e28fccd0ef2ea
bec117b5be8f22e9305be68965e3734a5135357a3ac88cda5814b7069a1c62dc
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d539a910089008f073b426d44a496f1952ba01b9ff018425c18d21bea42aa128
d7f0e2bfc2c0cd54c6bfeec7780e7aa3d2a8eb1324228e719c947dff4751cde1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5725dfd2a86729d12fc0265d9ad7df743fe9b0aa75f7e80dc9d995de052c8ba
eaa34f54a04977468dbae1ff33f7ca1e1c430c4ba3f044fbd2551375c4202085
ebf197d9412d19f40c6a004477d9bcb1eb5168eda990ae0dc4b5316187cce160
fc2506463ee7767edd50f6966ef07a193b0bc89cc115f77dc095e867f3e28d39
ff04606727a3a5fdf09a1f57a2d35a154aa6ce5244fa10a5d1b3ac1eed4b6252

www.pwnthis.net Open in urlscan Pro 2a00:1450:4001:819::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

84 Requests

45 %HTTPS

54 %IPv6

27 Domains

42 Subdomains

34 IPs

5 Countries

718 kBTransfer

1795 kBSize

8 Cookies

12 Outgoing links

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.pwnthis.net Open in urlscan Pro
2a00:1450:4001:819::2013 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

45 %
HTTPS

54 %
IPv6

27
Domains

42
Subdomains

34
IPs

5
Countries

718 kB
Transfer

1795 kB
Size

8
Cookies

84 HTTP transactions
0 data transactions