URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Submission: On July 17 via api from US — Scanned from DE

Summary

This website contacted 27 IPs in 7 countries across 19 domains to perform 71 HTTP transactions. The main IP is 94.130.71.117, located in Hoppegarten, Germany and belongs to HETZNER-AS, DE. The main domain is icfesgovco.free.bg.
This is the only time icfesgovco.free.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 94.130.71.117 24940 (HETZNER-AS)
6 2a00:1450:400... 15169 (GOOGLE)
1 188.114.97.3 13335 (CLOUDFLAR...)
2 104.21.10.82 13335 (CLOUDFLAR...)
1 80.85.84.176 63949 (AKAMAI-LI...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 23.206.208.114 16625 (AKAMAI-AS)
9 2a00:1450:400... 15169 (GOOGLE)
1 91.215.152.128 59729 (ITL-BG)
1 4 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
71 27
Apex Domain
Subdomains
Transfer
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 91
960 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
static.doubleclick.net — Cisco Umbrella Rank: 348
6 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
612 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
210 KB
5 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2556
adservice.google.com — Cisco Umbrella Rank: 113
www.google.com — Cisco Umbrella Rank: 10
17 KB
5 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 433
jnn-pa.googleapis.com — Cisco Umbrella Rank: 289
65 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
21 KB
4 free.bg
icfesgovco.free.bg
137 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
33 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 4752
515 B
2 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 2484
628 B
2 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 236
85 KB
2 slotsspot.com
slotsspot.com
486 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 126
64 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1129
599 B
1 foxcasino.gr
www.foxcasino.gr
134 KB
1 mobileslots.co
www.mobileslots.co
42 KB
1 roseslots.com
www.roseslots.com
81 KB
0 slotcatalog.com Failed
slotcatalog.com Failed
71 19
Domain Requested by
9 www.youtube.com icfesgovco.free.bg
www.youtube.com
9 www.googletagmanager.com icfesgovco.free.bg
www.googletagmanager.com
6 pagead2.googlesyndication.com icfesgovco.free.bg
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 jnn-pa.googleapis.com www.youtube.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
4 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.youtube.com
4 icfesgovco.free.bg icfesgovco.free.bg
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google.com www.youtube.com
tpc.googlesyndication.com
2 fonts.gstatic.com www.youtube.com
2 www.google.de icfesgovco.free.bg
2 region1.analytics.google.com www.googletagmanager.com
2 s7.addthis.com 1 redirects icfesgovco.free.bg
2 yt3.ggpht.com icfesgovco.free.bg
www.youtube.com
2 slotsspot.com icfesgovco.free.bg
1 www.gstatic.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ajax.googleapis.com icfesgovco.free.bg
1 www.foxcasino.gr icfesgovco.free.bg
1 www.mobileslots.co icfesgovco.free.bg
1 www.roseslots.com icfesgovco.free.bg
0 slotcatalog.com Failed icfesgovco.free.bg
71 26

This site contains links to these domains. Also see Links.

Domain
www.google.com
uxdv-cassinoonline.somee.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
roseslots.com
E1
2023-07-10 -
2023-10-08
3 months crt.sh
slotsspot.com
GTS CA 1P5
2023-06-13 -
2023-09-11
3 months crt.sh
www.mobileslots.co
R3
2023-06-07 -
2023-09-05
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-17 -
2024-04-16
a year crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.google.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
www.google.de
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
www.google.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
edgestatic.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh

This page contains 6 frames:

Primary Page: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Frame ID: 04624664C6E52F49F633BC170976ECD2
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20190131/zrt_lookup.html
Frame ID: 1CC56037E7FC82ACE2BF9083BF9C269C
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/PiXXfiUh-QU
Frame ID: BE6A43D10D991FC927B1CEA6F3B51AB2
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&adk=1812271804&adf=3025194257&lmt=1689198362&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=http%3A%2F%2Ficfesgovco.free.bg%2Fdinheiro-real%2Fpage-598-2024-03-06.html&ea=0&pra=5&wgl=1&dt=1689629591914&bpp=129&bdt=156&idt=501&shv=r20230713&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3434636803684&frm=20&pv=2&ga_vid=897218422.1689629592&ga_sid=1689629592&ga_hid=691827950&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075813%2C31075951%2C31076087%2C31076160%2C44788441%2C44796476&oid=2&pvsid=3652993020388291&tmod=1806191461&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=554
Frame ID: E698890C046CC8484CA00067262C63E7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 44FE966F7D3AF9C404D63C0621939D70
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C389662D06CBECEC53922D159C2F31BD
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

⭐⭐⭐⭐⭐ Slots Gratis Sem Download Gypsy Rose | Gypsy Rose Online Slot SG | Play Free Betsoft Slots for Fun

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

71
Requests

87 %
HTTPS

77 %
IPv6

19
Domains

26
Subdomains

27
IPs

7
Countries

2955 kB
Transfer

6901 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
  • https://s7.addthis.com/js/300/addthis_widget.js
Request Chain 48
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

71 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request page-598-2024-03-06.html
icfesgovco.free.bg/dinheiro-real/
31 KB
9 KB
Document
General
Full URL
http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
HTTP/1.1
Server
94.130.71.117 Hoppegarten, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
free.bg
Software
nginx /
Resource Hash
423b510b3828d3e87a873134a3bc8ef45e45a0c0cc51b23f24c261b512e97d0d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 17 Jul 2023 21:33:11 GMT
ETag
W/"64af1f1a-7d9e"
Expires
Mon, 17 Jul 2023 21:33:10 GMT
Last-Modified
Wed, 12 Jul 2023 21:46:02 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
bootstrap.min.css
icfesgovco.free.bg/css/
119 KB
120 KB
Stylesheet
General
Full URL
http://icfesgovco.free.bg/css/bootstrap.min.css
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
HTTP/1.1
Server
94.130.71.117 Hoppegarten, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
free.bg
Software
nginx /
Resource Hash
77d6cef356868f46018abf1911b049186a3e4ca73b0f0cadf48033694324948c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 17 Jul 2023 21:33:11 GMT
Last-Modified
Wed, 12 Jul 2023 21:45:32 GMT
Server
nginx
ETag
"64af1efc-1dd48"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
122184
Expires
Mon, 17 Jul 2023 21:33:10 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b75bbf2b24e0d817eb939f0d5746efd31648e142db49364c185febbca6473db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://icfesgovco.free.bg/
Origin
http://icfesgovco.free.bg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50465
x-xss-protection
0
server
cafe
etag
12547517061844314563
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 21:33:11 GMT
qwertymin.js
icfesgovco.free.bg/css/
1 KB
2 KB
Script
General
Full URL
http://icfesgovco.free.bg/css/qwertymin.js
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
HTTP/1.1
Server
94.130.71.117 Hoppegarten, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
free.bg
Software
nginx /
Resource Hash
0ae5586d9890485b7d9cddaad714e8df68cb7abfd679402458149db9f38fdc42
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 17 Jul 2023 21:33:11 GMT
Last-Modified
Wed, 12 Jul 2023 21:45:32 GMT
Server
nginx
ETag
"64af1efc-555"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1365
Expires
Mon, 17 Jul 2023 21:33:10 GMT
high5gamesslot.jpg
www.roseslots.com/images/local/misc/
80 KB
81 KB
Image
General
Full URL
https://www.roseslots.com/images/local/misc/high5gamesslot.jpg
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d61b1d4e40c7a118d26e9b17ecbcef740912dcde9ed667826816938d782ef921

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:12 GMT
x-amz-version-id
84Prk0yQjCcWyG2F1xCBYYh9xutnCCOX
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
E86J0W4GSJC4B7KH
x-amz-cf-pop
FRA56-P3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
82427
x-amz-id-2
LREOhNI05Hm3O/VcW5QbKqHuhWwvjzsU1qw2ZyJ7OpKvruJPTsc3jVX2U+v9mMC1IISkDqKZM/Y=
last-modified
Fri, 11 Jun 2021 12:43:20 GMT
server
cloudflare
etag
"acf8554a0a01df83428693ca4bb2ac10"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWPtipXtgBHSu63AG9bMEQaRnsuv%2BB8W18TlDJY5nmWJFwIOH7h2YKWJfD72USOgs4rtslCvC6bgF%2BVQutgpx9fT7GZVPJZ3xyGG%2FTwbARJJ7Zjik1JgvL3szII97f7v%2BnWHmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7e859a16abc0380e-FRA
x-amz-cf-id
adi8ZExomKyvLarGUBG28-lEw6xtbY0JD_pODyKGT-yvilE_VfrkmA==
betsoft-gypsy-rose-info2.jpg
slotsspot.com/wp-content/uploads/slotsimages/1/
340 KB
340 KB
Image
General
Full URL
https://slotsspot.com/wp-content/uploads/slotsimages/1/betsoft-gypsy-rose-info2.jpg
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.10.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63cb86878e6998e81021051d59d1741f8e141b4e08cfb512d8ed167a0c01813f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-proxy-cache
MISS
date
Mon, 17 Jul 2023 21:33:12 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
347816
x-xss-protection
1; mode=block
last-modified
Sat, 21 Aug 2021 09:38:36 GMT
server
cloudflare
etag
"6120c99c-54ea8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HY8k1dEh789%2B83Egg6EnhbnsVW%2B%2BliIzhyEcEz67VhqUtZ9M7l4ZXzqbLHwKW8tnbhV6TwU5qsHgKEZHZXed22k%2F2esl0SLillGWr7QvjlTIBhshSGgbVa7%2BeDwk%2FQbz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7e859a16cc0d91ef-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
high5games-gypsy-screen7.png
slotsspot.com/wp-content/uploads/slotsscreens/
145 KB
145 KB
Image
General
Full URL
https://slotsspot.com/wp-content/uploads/slotsscreens/high5games-gypsy-screen7.png
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.10.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd2f9e0bd1d1f2b1e702cbdce89bad0cfab33279d95c90acb09accd2b86e63c8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-proxy-cache
MISS
date
Mon, 17 Jul 2023 21:33:12 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
148156
x-xss-protection
1; mode=block
last-modified
Sat, 21 Aug 2021 09:38:18 GMT
server
cloudflare
etag
"6120c98a-242bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrFkepDh7tXoSV3FzbxLyLpytp3XY8CRx0ZdiOt0y8UTQLYpUxXIQ0fGtgE9gDm6lbOtBZA2zt1yq39th31qaRfchAxLe1P%2BZ0Tm25zfJMG9nZldlIRXny5k5lp9RFjT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7e859a16cc0f91ef-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Gypsy-1_s.jpg
slotcatalog.com/userfiles/image/games/High-5-Games/6336/
0
0

w6kOE7Hoie4z7jleW68l9Tl72eJkfbmt4t8yenImKBVvK0kTmF0xjctABnaLJIm9-e1401440195493.jpg
www.mobileslots.co/wp-content/uploads/2014/05/
42 KB
42 KB
Image
General
Full URL
https://www.mobileslots.co/wp-content/uploads/2014/05/w6kOE7Hoie4z7jleW68l9Tl72eJkfbmt4t8yenImKBVvK0kTmF0xjctABnaLJIm9-e1401440195493.jpg
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.85.84.176 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li748-176.members.linode.com
Software
nginx /
Resource Hash
faedcbd7f3ef05c4132f59eda5d9c4656153821df1fb9e4912c6d8c41ef2a71a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:12 GMT
last-modified
Fri, 30 May 2014 08:56:35 GMT
server
nginx
etag
"538847c3-a72f"
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
42799
2014612112634-betsoft-gaming-slot-gypsy-rose-wild-card-toss-feature.jpg
www.foxcasino.gr/wp-content/uploads/2015/09/
133 KB
134 KB
Image
General
Full URL
https://www.foxcasino.gr/wp-content/uploads/2015/09/2014612112634-betsoft-gaming-slot-gypsy-rose-wild-card-toss-feature.jpg
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec513e87eaa9796c1d8fe13637a74a7ae8dc6132a1725e73f4c30287a0b0935a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:12 GMT
cf-cache-status
MISS
last-modified
Wed, 07 Dec 2022 09:16:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2148b-5ef395f623800"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5d5xbbHvjbl1in8UjZLJbij5y6TXrAyW%2B5kiXF86tkSfpNbX6DxIILwkDm2lWcvFd5iwuAjuQKLGyGRP6cqT59QjUvKygylMCC9yZ8xAMfE3CE6ZqJcLXYiWwfDl7MCaYNNJfOo%2BMvlIN7ZHTak%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7e859a168d92bbcd-FRA
content-length
136331
expires
Tue, 16 Jul 2024 21:33:12 GMT
Gypsy-Rose-1_s.jpg
slotcatalog.com/userfiles/image/games/Betsoft/903/
0
0

AATXAJw2WfSCNzVnaIhdEoF3jwTDZPgU1zsnqA3wGA=s900-c-k-c0xffffffff-no-rj-mo
yt3.ggpht.com/a/
80 KB
81 KB
Image
General
Full URL
https://yt3.ggpht.com/a/AATXAJw2WfSCNzVnaIhdEoF3jwTDZPgU1zsnqA3wGA=s900-c-k-c0xffffffff-no-rj-mo
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0d5a66108e08970204b87d243572997c3464c1b31dccf4dee29014b1c2c0ad49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:12 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82162
x-xss-protection
0
server
fife
etag
"v9"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 18 Jul 2023 21:33:12 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 16:38:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Jul 2024 16:38:22 GMT
addthis_widget.js
s7.addthis.com/js/300/
Redirect Chain
  • http://s7.addthis.com/js/300/addthis_widget.js
  • https://s7.addthis.com/js/300/addthis_widget.js
56 B
361 B
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
H2
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Jul 2023 21:33:12 GMT
server
Oracle API Gateway
opc-request-id
/BBA48D386FC346C7859C891D0DC0DB0D/F7B32DFA41A899F9FF1271606785B232
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block

Redirect headers

Date
Mon, 17 Jul 2023 21:33:11 GMT
Server
nginx/1.15.8
X-Distribution
99
Content-Type
text/html
Location
https://s7.addthis.com/js/300/addthis_widget.js
X-Host
s7.addthis.com
Connection
keep-alive
Content-Length
171
js
www.googletagmanager.com/gtag/
262 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WKKLPLJP3V
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0adef51d56e6e27f1a09e6633ba862547358d7db59151a9377f442ea5a0405d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89608
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 17 Jul 2023 21:33:12 GMT
js
www.googletagmanager.com/gtag/
243 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B29892VMGP
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
22bb9c4268b81f3b343d3620969b7c4a5fafd1c5171cfecb4343affe5313d537
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84978
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 17 Jul 2023 21:33:12 GMT
js
www.googletagmanager.com/gtag/
162 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-96521599-1
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
02924cf612e83afb41af87a23ba4dce38bcdca28f9b7992f2dee9f5b78378962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60943
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Jul 2023 21:33:12 GMT
js
www.googletagmanager.com/gtag/
162 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-199856617-1
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a74eb65b419278bdf1d49884e991f2c927cfccf4d2f9d430599b9390edb2d8b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61010
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Jul 2023 21:33:12 GMT
js
www.googletagmanager.com/gtag/
162 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-162690612-1
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac2192b2de15c696c8b98f62a2ccdbcdf705195604b304078039e88e7fd2df7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60974
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Jul 2023 21:33:12 GMT
bronline
91.215.152.128/
0
0
Script
General
Full URL
http://91.215.152.128/bronline?default_keyword=Slots+gratis+sem+download+Gypsy+Rose
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
HTTP/1.1
Server
91.215.152.128 Sofia, Bulgaria, ASN59729 (ITL-BG, UA),
Reverse DNS
live7101.vds
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://icfesgovco.free.bg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/
357 KB
123 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=icfesgovco.free.bg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a60d6f3bf8e39e049dd879902286891af76e089e4fdd97dca4b2484adc4a65f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125727
x-xss-protection
0
server
cafe
etag
18439553641014898420
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 21:33:12 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230713/r20190131/ Frame 1CC5
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230713/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://icfesgovco.free.bg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
64551
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 03:37:20 GMT
etag
12368291122986407432
expires
Mon, 31 Jul 2023 03:37:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
PiXXfiUh-QU
www.youtube.com/embed/ Frame BE6A
77 KB
33 KB
Document
General
Full URL
https://www.youtube.com/embed/PiXXfiUh-QU
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dac6f62765272708d5dc592e0e41a7b01d52a6c94cab5352d1bf39f897ab6f91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://icfesgovco.free.bg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 21:33:12 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
logo.jpg
icfesgovco.free.bg/css/
7 KB
7 KB
Image
General
Full URL
http://icfesgovco.free.bg/css/logo.jpg
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
HTTP/1.1
Server
94.130.71.117 Hoppegarten, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
free.bg
Software
nginx /
Resource Hash
de90b8db133841ab22c95e57687dde9f35523ec13139a3d3a113561da44c5e9b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 17 Jul 2023 21:33:12 GMT
Last-Modified
Wed, 12 Jul 2023 21:45:32 GMT
Server
nginx
ETag
"64af1efc-1a23"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6691
Expires
Mon, 17 Jul 2023 21:33:11 GMT
collect
region1.analytics.google.com/g/
0
255 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-WKKLPLJP3V&gtm=45je37c0&_p=691827950&_gaz=1&cid=897218422.1689629592&ul=en-us&sr=1600x1200&_s=1&sid=1689629592&sct=1&seg=0&dl=http%3A%2F%2Ficfesgovco.free.bg%2Fdinheiro-real%2Fpage-598-2024-03-06.html&dt=%E2%AD%90%E2%AD%90%E2%AD%90%E2%AD%90%E2%AD%90%20Slots%20Gratis%20Sem%20Download%20Gypsy%20Rose%20%7C%20Gypsy%20Rose%20Online%20Slot%20SG%20%7C%20Play%20Free%20Betsoft%20Slots%20for%20Fun&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WKKLPLJP3V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 21:33:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://icfesgovco.free.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
246 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WKKLPLJP3V&cid=897218422.1689629592&gtm=45je37c0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WKKLPLJP3V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 21:33:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://icfesgovco.free.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
243 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B29892VMGP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WKKLPLJP3V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fd37131b5367f27bc08e516c96c4156a796ead84715a3207092a260239271481
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85012
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 17 Jul 2023 21:33:12 GMT
js
www.googletagmanager.com/gtag/
162 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-96521599-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WKKLPLJP3V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8a17815050f6ce74831a127068609d215fc81d6580def780351abfce10d01f87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60993
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Jul 2023 21:33:12 GMT
js
www.googletagmanager.com/gtag/
162 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-199856617-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WKKLPLJP3V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
45ecbafbe542ce6c55a7826cb6371f4663ff7f2131ea229efa8d650272124a0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61029
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Jul 2023 21:33:12 GMT
js
www.googletagmanager.com/gtag/
162 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-162690612-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WKKLPLJP3V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f951977860eb386e58a15bd953723c8fe674c2653531032f3700588c7adca395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61003
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Jul 2023 21:33:12 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WKKLPLJP3V&cid=897218422.1689629592&gtm=45je37c0&aip=1&z=1558377345
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 21:33:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player.css
www.youtube.com/s/player/4cc5d082/ Frame BE6A
376 KB
47 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/4cc5d082/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/PiXXfiUh-QU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20c2f0579cc25ebc1abd6ad10b1bc912b28451c9f2258c8b7d8b996577982be0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/PiXXfiUh-QU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 20:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
3695
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47953
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 02:37:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 16 Jul 2024 20:31:37 GMT
www-embed-player.js
www.youtube.com/s/player/4cc5d082/www-embed-player.vflset/ Frame BE6A
312 KB
94 KB
Script
General
Full URL
https://www.youtube.com/s/player/4cc5d082/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/PiXXfiUh-QU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a3d55d5382139da20f3fe217a9908ff703fd6532067f2ef0b17fc8dc0edb58a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/PiXXfiUh-QU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:29:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
248
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95779
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 02:37:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 16 Jul 2024 21:29:04 GMT
base.js
www.youtube.com/s/player/4cc5d082/player_ias.vflset/de_DE/ Frame BE6A
2 MB
743 KB
Script
General
Full URL
https://www.youtube.com/s/player/4cc5d082/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/PiXXfiUh-QU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4aab6e7479fd508f7e22a26b81515d83d239dd588e9c51dc6cecbf9813f36459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/PiXXfiUh-QU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 08:00:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
480761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
759847
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 02:37:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 Jul 2024 08:00:31 GMT
fetch-polyfill.js
www.youtube.com/s/player/4cc5d082/fetch-polyfill.vflset/ Frame BE6A
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/4cc5d082/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/PiXXfiUh-QU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/PiXXfiUh-QU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:30:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
185
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2625
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 02:37:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 16 Jul 2024 21:30:07 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162690612-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Jul 2023 20:35:19 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3473
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 17 Jul 2023 22:35:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BE6A
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/PiXXfiUh-QU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 00:06:15 GMT
x-content-type-options
nosniff
age
509217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jul 2024 00:06:15 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BE6A
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/PiXXfiUh-QU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 17:47:45 GMT
x-content-type-options
nosniff
age
186327
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 17:47:45 GMT
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-B29892VMGP&gtm=45je37c0&_p=691827950&_gaz=1&cid=897218422.1689629592&ul=en-us&sr=1600x1200&_s=1&sid=1689629592&sct=1&seg=0&dl=http%3A%2F%2Ficfesgovco.free.bg%2Fdinheiro-real%2Fpage-598-2024-03-06.html&dt=%E2%AD%90%E2%AD%90%E2%AD%90%E2%AD%90%E2%AD%90%20Slots%20Gratis%20Sem%20Download%20Gypsy%20Rose%20%7C%20Gypsy%20Rose%20Online%20Slot%20SG%20%7C%20Play%20Free%20Betsoft%20Slots%20for%20Fun&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B29892VMGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 21:33:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://icfesgovco.free.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
45 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B29892VMGP&cid=897218422.1689629592&gtm=45je37c0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B29892VMGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 21:33:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://icfesgovco.free.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B29892VMGP&cid=897218422.1689629592&gtm=45je37c0&aip=1&z=1980994881
Requested by
Host: icfesgovco.free.bg
URL: http://icfesgovco.free.bg/dinheiro-real/page-598-2024-03-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 21:33:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
381 B
599 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=icfesgovco.free.bg&callback=_gfp_s_&client=ca-pub-6890287250975679
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=icfesgovco.free.bg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d3adb075a9b515d6b26accec9cae54feb6dc81b6cd9428a50e534a483b74d77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
247
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=icfesgovco.free.bg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=icfesgovco.free.bg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E698
603 B
218 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&adk=1812271804&adf=3025194257&lmt=1689198362&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=http%3A%2F%2Ficfesgovco.free.bg%2Fdinheiro-real%2Fpage-598-2024-03-06.html&ea=0&pra=5&wgl=1&dt=1689629591914&bpp=129&bdt=156&idt=501&shv=r20230713&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3434636803684&frm=20&pv=2&ga_vid=897218422.1689629592&ga_sid=1689629592&ga_hid=691827950&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075813%2C31075951%2C31076087%2C31076160%2C44788441%2C44796476&oid=2&pvsid=3652993020388291&tmod=1806191461&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=554
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=icfesgovco.free.bg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://icfesgovco.free.bg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 21:33:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
1 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=691827950&t=pageview&_s=1&dl=http%3A%2F%2Ficfesgovco.free.bg%2Fdinheiro-real%2Fpage-598-2024-03-06.html&ul=en-us&de=UTF-8&dt=%E2%AD%90%E2%AD%90%E2%AD%90%E2%AD%90%E2%AD%90%20Slots%20Gratis%20Sem%20Download%20Gypsy%20Rose%20%7C%20Gypsy%20Rose%20Online%20Slot%20SG%20%7C%20Play%20Free%20Betsoft%20Slots%20for%20Fun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=644162155&gjid=289963663&cid=897218422.1689629592&tid=UA-162690612-1&_gid=2091851071.1689629593&_r=1&gtm=457e37c0&jsscut=1&z=324956784
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://icfesgovco.free.bg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 21:33:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://icfesgovco.free.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
69 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=691827950&t=pageview&_s=1&dl=http%3A%2F%2Ficfesgovco.free.bg%2Fdinheiro-real%2Fpage-598-2024-03-06.html&ul=en-us&de=UTF-8&dt=%E2%AD%90%E2%AD%90%E2%AD%90%E2%AD%90%E2%AD%90%20Slots%20Gratis%20Sem%20Download%20Gypsy%20Rose%20%7C%20Gypsy%20Rose%20Online%20Slot%20SG%20%7C%20Play%20Free%20Betsoft%20Slots%20for%20Fun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1130223399&gjid=1544738435&cid=897218422.1689629592&tid=UA-96521599-1&_gid=2091851071.1689629593&_r=1&gtm=457e37c0&jsscut=1&z=1751581531
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://icfesgovco.free.bg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 21:33:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://icfesgovco.free.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
67 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=691827950&t=pageview&_s=1&dl=http%3A%2F%2Ficfesgovco.free.bg%2Fdinheiro-real%2Fpage-598-2024-03-06.html&ul=en-us&de=UTF-8&dt=%E2%AD%90%E2%AD%90%E2%AD%90%E2%AD%90%E2%AD%90%20Slots%20Gratis%20Sem%20Download%20Gypsy%20Rose%20%7C%20Gypsy%20Rose%20Online%20Slot%20SG%20%7C%20Play%20Free%20Betsoft%20Slots%20for%20Fun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=439955325&gjid=1170983549&cid=897218422.1689629592&tid=UA-199856617-1&_gid=2091851071.1689629593&_r=1&gtm=457e37c0&jsscut=1&z=616803560
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://icfesgovco.free.bg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 21:33:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://icfesgovco.free.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
22 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-96521599-1&cid=897218422.1689629592&jid=1130223399&gjid=1544738435&_gid=2091851071.1689629593&_u=YADAAUABAAAAACAAI~&z=1172612021
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://icfesgovco.free.bg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 17 Jul 2023 21:33:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://icfesgovco.free.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
22 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-199856617-1&cid=897218422.1689629592&jid=439955325&gjid=1170983549&_gid=2091851071.1689629593&_u=YADAAUABAAAAACAAI~&z=419737486
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://icfesgovco.free.bg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 17 Jul 2023 21:33:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://icfesgovco.free.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame BE6A
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/PiXXfiUh-QU
Protocol
H3
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
339d7bd40316255fec41c9ce9ab86da575c01f9e0776b6d10afa3973f7d6f99d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 17 Jul 2023 21:33:12 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame BE6A
29 B
495 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4cc5d082/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:29:04 GMT
x-content-type-options
nosniff
age
248
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Jul 2023 21:44:04 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 17 Jul 2023 21:33:12 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BE6A
67 KB
31 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4cc5d082/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
866c112c6af0e2522361bb6118ff914e6a6f3330c8718c97b4b5297218b21a93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 17 Jul 2023 21:33:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31677
x-xss-protection
0
remote.js
www.youtube.com/s/player/4cc5d082/player_ias.vflset/de_DE/ Frame BE6A
116 KB
33 KB
Script
General
Full URL
https://www.youtube.com/s/player/4cc5d082/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4cc5d082/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
152ea96453a755a75272226474d70fb1600b59412ba14bdd56159d924610958c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/PiXXfiUh-QU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 08:00:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
480760
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33612
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 02:37:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 Jul 2024 08:00:32 GMT
V7JOy9E5LPAmHC4-uXpPG1TUC0v77ajXJMI6Ew5elJ8.js
www.google.com/js/th/ Frame BE6A
37 KB
15 KB
Script
General
Full URL
https://www.google.com/js/th/V7JOy9E5LPAmHC4-uXpPG1TUC0v77ajXJMI6Ew5elJ8.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4cc5d082/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57b24ecbd1392cf0261c2e3eb97a4f1b54d40b4bfbeda8d724c23a130e5e949f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 14:32:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
25233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14661
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Jul 2024 14:32:39 GMT
sddefault.jpg
i.ytimg.com/vi/PiXXfiUh-QU/ Frame BE6A
63 KB
64 KB
Image
General
Full URL
https://i.ytimg.com/vi/PiXXfiUh-QU/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/PiXXfiUh-QU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd14bf53528ee6ca1798accf7452f38cc8f8e130cc33d3eb35aa0a81f0e487a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 20:22:50 GMT
x-content-type-options
nosniff
age
4222
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64948
x-xss-protection
0
server
sffe
etag
"1643894759"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 17 Jul 2023 22:22:50 GMT
embed.js
www.youtube.com/s/player/4cc5d082/player_ias.vflset/de_DE/ Frame BE6A
28 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/4cc5d082/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4cc5d082/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28e886129a96348ffb4eea9d16c79431b4e6ea3f00dca8d3ce89fecee03aaaff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/PiXXfiUh-QU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 08:00:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
480760
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8166
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 02:37:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 Jul 2024 08:00:32 GMT
truncated
/ Frame BE6A
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
AOPolaQcoCzFnkte_c7gmbiuQc4MytAkMMvPfEtgyydadA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame BE6A
5 KB
5 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AOPolaQcoCzFnkte_c7gmbiuQc4MytAkMMvPfEtgyydadA=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/PiXXfiUh-QU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1fdcd34d6031cb43b500b1d292981ae2454f34b01a997ac81a40921e0167441d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 20:42:11 GMT
x-content-type-options
nosniff
age
3061
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4930
x-xss-protection
0
server
fife
etag
"vc0"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 18 Jul 2023 20:42:11 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BE6A
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4cc5d082/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a3412978c84b5120f6e4862062755f51fbb7ca606b84339064a37a605b2d4ea6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 17 Jul 2023 21:33:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 17 Jul 2023 21:33:13 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230713&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=icfesgovco.free.bg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff310b47a1db9db0c1fe9b46c5b7864dc6181ba38f09bd360faf99fd76d127bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11901
x-xss-protection
0
generate_204
www.youtube.com/ Frame BE6A
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?xKxSog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/PiXXfiUh-QU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame BE6A
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4cc5d082/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Jul 2023 21:33:13 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=icfesgovco.free.bg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Jul 2023 21:33:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 44FE
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://icfesgovco.free.bg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
903
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 21:18:10 GMT
expires
Tue, 16 Jul 2024 21:18:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C389
783 B
962 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
24a0195140b4c11d4b95a5479a54aba7eca3591868309e8c1b161d5b4a2dff78
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PJXXHtpHXWHp8F-IhU1wfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://icfesgovco.free.bg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-PJXXHtpHXWHp8F-IhU1wfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 21:33:13 GMT
expires
Mon, 17 Jul 2023 21:33:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js
pagead2.googlesyndication.com/bg/ Frame 44FE
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 14:21:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
371498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14789
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jul 2024 14:21:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C389
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230713&jk=3652993020388291&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 44FE
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?9QxTwQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 21:33:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230713&jk=3652993020388291&bg=!SEulSx_NAAa3SiIRl0o7ADkAdvg8Wv8b4xyoq3SR4rA10zqHgYNhPMFKzttdL8AexR6O3Nf2GWWa1BJ2XTk2512mNIjb_DW8QbACAAAAgVIAAAAYaAEHCgDT9dP0IdAIC2DkEuL2Y0CQdgtq-Nw3VCmovb6kRZHAAh6xMY7vx8e5n2nQ-6w8pgju4QTDaSY-QgzTAQ7X1tLuWVjgRqivuzO2e-qYG9XXhAoEb5srBVivmOyCuztNhjbv77nVv9mTbwZgoDghQ6JtlF-GSEo6MdsyJBN4Wm7fyeDvdcx0KTevCICCbmctT4eHshIpj2jw12hCXRrBTUJSrP5Iws2vBR_ysXmgFsYMr_pPKWtdQyd_2uzOIWz5TBQMwDpVsvIgPAPL7bcwm2FdcGHDJpkCsXQ0CjvLaPdKJTCDF6_XxK3yBTuB5FRdRePHMJN52X0WBDOgbwDIAoIKClEoceU6aw8Lto8J37FdtVTSVRQBd--1kbCfOu0i8ExCYY8gmmCWtlbgTUXEgFP2Rn8C8h39QWYZZoYVXkf5hICPzPleI5bQ7AXnoSjiHF_DuICjLbuRWj0pn-F_WCJ93B8heHxf2A4dyXCpSaUITjUkodm9bWLdyS5LIg863Zaz05TvG_vD7VK4u9-ghzPGFngO9EC88svPnlp6GQgTG5Duzs1dPyYdBA_ZGsNwrfLTpGxDKeTSLf_0yCvK78FsBNM0hekZvZet85GsKh30BTkatyLfOtnStPxspJNkBtj0MOr64L2RrrDS_9JaZYBFjOKOECbsohp8jIgaCg40etC1ZkzZyxK4h_mWsj-yfMHxtViDNMwfd7f-PKZuzgriKeSQ5-snY6dWAxFdnnSwHAFlEciAGYtEvi74Yn-Akc_2H9ZwUXWcJ-cP-n_O3Qp4V3GXCeHL05LLbjvBlke5SHzl0Fl2rNN_oLEqwqrGyuvizsePs-2EhxSRgpcxXqwVwjJB1wzrYFlujFhO1GS_FlYLupVJkMz4ujJ8rvZY91GP-N4IkHwQb7r87_6gHzNRBFNZU5KvBoXm7aBKm7dfEhu4zuTk62YtgYZyv3zGOS_nFtZYDzEGmOgqDUaPxlsBfC4IBtPvL8d1r_k4v-UWsqjN9mTlHmDXL3YuYJm1Cea2TOHHZHlAPzMXwSHLVgF_YOJnoooMSJmBYy9dimNsp3iC4sQGvX0WRN3wePwjzkrD25pOXUL0w3jWT8R2MTy5RxlznCE1lOgowcOoUU4Q-hj64EBWqoLcViXRmYEBtL1y_L-UaRH0mdSNAhjFpZDZWD9yosAEeuZLFRnyakbyRVGbWd_g0QMe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://icfesgovco.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

log_event
www.youtube.com/youtubei/v1/ Frame BE6A
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4cc5d082/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-Goog-Request-Time
1689629594770
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/PiXXfiUh-QU
X-YouTube-Client-Version
1.20230711.01.01
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtQclI2SkxfVG15OCiY59alBg%3D%3D
X-YouTube-Ad-Signals
dt=1689629592643&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Mon, 17 Jul 2023 21:33:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Mon, 17 Jul 2023 21:33:14 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
slotcatalog.com
URL
https://slotcatalog.com/userfiles/image/games/High-5-Games/6336/Gypsy-1_s.jpg
Domain
slotcatalog.com
URL
https://slotcatalog.com/userfiles/image/games/Betsoft/903/Gypsy-Rose-1_s.jpg

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| onbeforetoggle object| onscrollend string| keyword object| _0xdfb0 object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter function| google_spfd number| google_unique_id object| google_sv_map function| $ function| jQuery function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| googletag function| onYouTubeIframeAPIReady object| gaGlobal string| GoogleAnalyticsObject function| ga function| google_sa_impl boolean| _gfp_p_ function| processGoogleToken object| googleToken object| googleIMState number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| GoogleGcLKhOms object| google_image_requests

12 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: TTaUteZKhLU
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: PrR6JL_Tmy8
.free.bg/ Name: _ga_WKKLPLJP3V
Value: GS1.1.1689629592.1.0.1689629592.60.0.0
.free.bg/ Name: _ga_B29892VMGP
Value: GS1.1.1689629592.1.0.1689629592.60.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.free.bg/ Name: _ga
Value: GA1.2.897218422.1689629592
.free.bg/ Name: _gid
Value: GA1.2.2091851071.1689629593
.free.bg/ Name: _gat_gtag_UA_162690612_1
Value: 1
.free.bg/ Name: _gat_gtag_UA_96521599_1
Value: 1
.free.bg/ Name: _gat_gtag_UA_199856617_1
Value: 1
.free.bg/ Name: __gads
Value: ID=2cbbea990dc04641-22bc37b7bce20019:T=1689629592:RT=1689629592:S=ALNI_MbECjxbOLkwzzI1_xTU0RQhrHIQRg
.free.bg/ Name: __gpi
Value: UID=00000c3eb945d21a:T=1689629592:RT=1689629592:S=ALNI_MZ5j7hQPtqJju7Gf5iD3UsuKTeSGg

6 Console Messages

Source Level URL
Text
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://91.215.152.128/bronline?default_keyword=Slots+gratis+sem+download+Gypsy+Rose, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://91.215.152.128/bronline?default_keyword=Slots+gratis+sem+download+Gypsy+Rose, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://slotcatalog.com/userfiles/image/games/Betsoft/903/Gypsy-Rose-1_s.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://slotcatalog.com/userfiles/image/games/High-5-Games/6336/Gypsy-1_s.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&adk=1812271804&adf=3025194257&lmt=1689198362&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=http%3A%2F%2Ficfesgovco.free.bg%2Fdinheiro-real%2Fpage-598-2024-03-06.html&ea=0&pra=5&wgl=1&dt=1689629591914&bpp=129&bdt=156&idt=501&shv=r20230713&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3434636803684&frm=20&pv=2&ga_vid=897218422.1689629592&ga_sid=1689629592&ga_hid=691827950&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075813%2C31075951%2C31076087%2C31076160%2C44788441%2C44796476&oid=2&pvsid=3652993020388291&tmod=1806191461&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=554
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
ajax.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
icfesgovco.free.bg
jnn-pa.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.analytics.google.com
s7.addthis.com
slotcatalog.com
slotsspot.com
static.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.foxcasino.gr
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.mobileslots.co
www.roseslots.com
www.youtube.com
yt3.ggpht.com
slotcatalog.com
104.21.10.82
188.114.97.3
2001:4860:4802:34::36
23.206.208.114
2606:4700:20::681a:b4e
2a00:1450:4001:800::2001
2a00:1450:4001:801::2003
2a00:1450:4001:802::2006
2a00:1450:4001:803::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::2016
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c02::9c
80.85.84.176
91.215.152.128
94.130.71.117
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02924cf612e83afb41af87a23ba4dce38bcdca28f9b7992f2dee9f5b78378962
0adef51d56e6e27f1a09e6633ba862547358d7db59151a9377f442ea5a0405d3
0ae5586d9890485b7d9cddaad714e8df68cb7abfd679402458149db9f38fdc42
0b75bbf2b24e0d817eb939f0d5746efd31648e142db49364c185febbca6473db
0d5a66108e08970204b87d243572997c3464c1b31dccf4dee29014b1c2c0ad49
152ea96453a755a75272226474d70fb1600b59412ba14bdd56159d924610958c
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1fdcd34d6031cb43b500b1d292981ae2454f34b01a997ac81a40921e0167441d
20c2f0579cc25ebc1abd6ad10b1bc912b28451c9f2258c8b7d8b996577982be0
22bb9c4268b81f3b343d3620969b7c4a5fafd1c5171cfecb4343affe5313d537
24a0195140b4c11d4b95a5479a54aba7eca3591868309e8c1b161d5b4a2dff78
28e886129a96348ffb4eea9d16c79431b4e6ea3f00dca8d3ce89fecee03aaaff
339d7bd40316255fec41c9ce9ab86da575c01f9e0776b6d10afa3973f7d6f99d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
423b510b3828d3e87a873134a3bc8ef45e45a0c0cc51b23f24c261b512e97d0d
45ecbafbe542ce6c55a7826cb6371f4663ff7f2131ea229efa8d650272124a0f
4a3d55d5382139da20f3fe217a9908ff703fd6532067f2ef0b17fc8dc0edb58a
4aab6e7479fd508f7e22a26b81515d83d239dd588e9c51dc6cecbf9813f36459
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57b24ecbd1392cf0261c2e3eb97a4f1b54d40b4bfbeda8d724c23a130e5e949f
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d3adb075a9b515d6b26accec9cae54feb6dc81b6cd9428a50e534a483b74d77
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63cb86878e6998e81021051d59d1741f8e141b4e08cfb512d8ed167a0c01813f
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
77d6cef356868f46018abf1911b049186a3e4ca73b0f0cadf48033694324948c
7a60d6f3bf8e39e049dd879902286891af76e089e4fdd97dca4b2484adc4a65f
866c112c6af0e2522361bb6118ff914e6a6f3330c8718c97b4b5297218b21a93
8a17815050f6ce74831a127068609d215fc81d6580def780351abfce10d01f87
a3412978c84b5120f6e4862062755f51fbb7ca606b84339064a37a605b2d4ea6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a74eb65b419278bdf1d49884e991f2c927cfccf4d2f9d430599b9390edb2d8b1
ac2192b2de15c696c8b98f62a2ccdbcdf705195604b304078039e88e7fd2df7f
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
cd14bf53528ee6ca1798accf7452f38cc8f8e130cc33d3eb35aa0a81f0e487a1
cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db
d61b1d4e40c7a118d26e9b17ecbcef740912dcde9ed667826816938d782ef921
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dac6f62765272708d5dc592e0e41a7b01d52a6c94cab5352d1bf39f897ab6f91
dd2f9e0bd1d1f2b1e702cbdce89bad0cfab33279d95c90acb09accd2b86e63c8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de90b8db133841ab22c95e57687dde9f35523ec13139a3d3a113561da44c5e9b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec513e87eaa9796c1d8fe13637a74a7ae8dc6132a1725e73f4c30287a0b0935a
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f951977860eb386e58a15bd953723c8fe674c2653531032f3700588c7adca395
faedcbd7f3ef05c4132f59eda5d9c4656153821df1fb9e4912c6d8c41ef2a71a
fd37131b5367f27bc08e516c96c4156a796ead84715a3207092a260239271481
ff310b47a1db9db0c1fe9b46c5b7864dc6181ba38f09bd360faf99fd76d127bc