urlscan.io logo urlscan.io
SecurityTrails logo

doncafedgbyegcom.free.bg Open in urlscan Pro
94.130.71.117  Public Scan

Go To Rescan Add Verdict Report
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Submission: On July 16 via manual from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 5 countries across 23 domains to perform 69 HTTP transactions. The main IP is 94.130.71.117, located in Hoppegarten, Germany and belongs to HETZNER-AS, DE. The main domain is doncafedgbyegcom.free.bg.
This is the only time doncafedgbyegcom.free.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 94.130.71.117 24940 (HETZNER-AS)
6 172.217.18.98 15169 (GOOGLE)
1 172.67.206.9 13335 (CLOUDFLAR...)
1 2 185.4.176.99 35425 (BYTEMARK-AS)
1 142.250.185.193 15169 (GOOGLE)
2 142.250.181.246 15169 (GOOGLE)
1 172.66.42.211 13335 (CLOUDFLAR...)
1 72.167.127.73 398101 (GO-DADDY-...)
1 104.26.9.22 13335 (CLOUDFLAR...)
1 23.94.139.174 36352 (AS-COLOCR...)
1 1 45.56.114.149 63949 (AKAMAI-LI...)
1 192.155.94.63 63949 (AKAMAI-LI...)
5 172.217.18.1 15169 (GOOGLE)
1 142.250.186.170 15169 (GOOGLE)
1 2 2.19.224.115 16625 (AKAMAI-AS)
5 142.250.186.168 15169 (GOOGLE)
1 91.215.152.128 59729 (ITL-BG)
1 4 172.217.18.2 15169 (GOOGLE)
9 172.217.18.14 15169 (GOOGLE)
2 142.250.184.227 15169 (GOOGLE)
1 172.217.16.194 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
2 216.239.34.36 15169 (GOOGLE)
4 173.194.76.156 15169 (GOOGLE)
2 142.250.184.195 15169 (GOOGLE)
4 142.250.185.206 15169 (GOOGLE)
1 216.58.212.166 15169 (GOOGLE)
4 172.217.18.10 15169 (GOOGLE)
2 172.217.18.4 15169 (GOOGLE)
1 142.250.186.163 15169 (GOOGLE)
69 30
4    94.130.71.117 (Hoppegarten, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: free.bg
doncafedgbyegcom.free.bg
6    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
pagead2.googlesyndication.com
1    172.67.206.9 (United States)

ASN13335 (CLOUDFLARENET, US)
playslotscasinos.com
2    185.4.176.99 (United Kingdom)

ASN35425 (BYTEMARK-AS, GB)
www.freecasino.se
1    142.250.185.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net
2.bp.blogspot.com
2    142.250.181.246 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f22.1e100.net
i.ytimg.com
1    172.66.42.211 (United States)

ASN13335 (CLOUDFLARENET, US)
www.gamblerspick.com
1    72.167.127.73 (Ashburn, United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 73.127.167.72.host.secureserver.net
www.onlineslots4u.com
1    104.26.9.22 (None, )

ASN13335 (CLOUDFLARENET, US)
image.winudf.com
1    23.94.139.174 (United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 23-94-139-174-host.colocrossing.com
mareerice.com
1    45.56.114.149 (Atlanta, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: ln1.fullquality.net
goodcasinos.org
1    192.155.94.63 (Atlanta, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: ln3.fullquality.net
www.fullquality.com
5    172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f1.1e100.net
1.bp.blogspot.com
yt3.ggpht.com
tpc.googlesyndication.com
1    142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net
ajax.googleapis.com
2    2.19.224.115 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-115.deploy.static.akamaitechnologies.com
s7.addthis.com
5    142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net
www.googletagmanager.com
1    91.215.152.128 (Sofia, Bulgaria)

ASN59729 (ITL-BG, UA)
PTR: live7101.vds
91.215.152.128
4    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
googleads.g.doubleclick.net
9    172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f14.1e100.net
www.youtube.com
2    142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
fonts.gstatic.com
1    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
partner.googleadservices.com
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
adservice.google.com
2    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
4    173.194.76.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f156.1e100.net
stats.g.doubleclick.net
2    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
www.google.it
4    142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net
www.google-analytics.com
1    216.58.212.166 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net
static.doubleclick.net
4    172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f10.1e100.net
jnn-pa.googleapis.com
2    172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f4.1e100.net
www.google.com
1    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
www.gstatic.com
Apex Domain
Subdomains		 Transfer
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 91
960 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
static.doubleclick.net — Cisco Umbrella Rank: 348
6 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
210 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 113
region1.analytics.google.com — Cisco Umbrella Rank: 2556
www.google.com — Cisco Umbrella Rank: 10
17 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
350 KB
5 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 433
jnn-pa.googleapis.com — Cisco Umbrella Rank: 289
65 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
21 KB
4 free.bg
doncafedgbyegcom.free.bg
137 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
33 KB
2 google.it
www.google.it — Cisco Umbrella Rank: 18987
515 B
2 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 2484
627 B
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 126
189 KB
2 blogspot.com
2.bp.blogspot.com — Cisco Umbrella Rank: 14952
1.bp.blogspot.com — Cisco Umbrella Rank: 11575
267 KB
2 freecasino.se
www.freecasino.se
38 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 236
6 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1129
598 B
1 fullquality.com
www.fullquality.com
47 KB
1 goodcasinos.org
goodcasinos.org
323 B
1 mareerice.com
mareerice.com
137 KB
1 winudf.com
image.winudf.com — Cisco Umbrella Rank: 57361
658 KB
1 onlineslots4u.com
www.onlineslots4u.com
137 KB
1 gamblerspick.com
www.gamblerspick.com
292 KB
1 playslotscasinos.com
playslotscasinos.com
139 KB
69 23
Domain Requested by
9 www.youtube.com doncafedgbyegcom.free.bg
www.youtube.com
6 pagead2.googlesyndication.com doncafedgbyegcom.free.bg
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 www.googletagmanager.com doncafedgbyegcom.free.bg
4 jnn-pa.googleapis.com www.youtube.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
4 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.youtube.com
4 doncafedgbyegcom.free.bg doncafedgbyegcom.free.bg
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google.com www.youtube.com
tpc.googlesyndication.com
2 www.google.it doncafedgbyegcom.free.bg
2 region1.analytics.google.com www.googletagmanager.com
2 fonts.gstatic.com www.youtube.com
2 s7.addthis.com 1 redirects doncafedgbyegcom.free.bg
2 i.ytimg.com doncafedgbyegcom.free.bg
www.youtube.com
2 www.freecasino.se 1 redirects doncafedgbyegcom.free.bg
1 www.gstatic.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ajax.googleapis.com doncafedgbyegcom.free.bg
1 1.bp.blogspot.com doncafedgbyegcom.free.bg
1 www.fullquality.com doncafedgbyegcom.free.bg
1 goodcasinos.org 1 redirects
1 mareerice.com doncafedgbyegcom.free.bg
1 image.winudf.com doncafedgbyegcom.free.bg
1 www.onlineslots4u.com doncafedgbyegcom.free.bg
1 www.gamblerspick.com doncafedgbyegcom.free.bg
1 2.bp.blogspot.com doncafedgbyegcom.free.bg
1 playslotscasinos.com doncafedgbyegcom.free.bg
69 31

This site contains links to these domains. Also see Links.

Domain
www.google.com
3tc1-jogosdecassino.somee.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-11-20 -
2023-11-20		 a year crt.sh
winudf.com
GTS CA 1P5		 2023-06-14 -
2023-09-12		 3 months crt.sh
mareerice.com
R3		 2023-06-02 -
2023-08-31		 3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.google.it
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh

This page contains 6 frames:

Primary Page: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Frame ID: BEEACB8242CFF05089540E083C8CDFB6
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html
Frame ID: 204E33C85F9D1F51E42A1276DBEC54EC
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/d3pDyG5Fmyk
Frame ID: 1CF88A5F322E54296A4DA7D9419EB5D0
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&adk=1812271804&adf=3025194257&lmt=1689189412&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=http%3A%2F%2Fdoncafedgbyegcom.free.bg%2Fdinheiro-real%2Fpage-362-2024-02-06.html&ea=0&pra=5&wgl=1&dt=1689465622379&bpp=99&bdt=303&idt=396&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5403732964696&frm=20&pv=2&ga_vid=299970117.1689465623&ga_sid=1689465623&ga_hid=973270996&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532314%2C44788442&oid=2&pvsid=2135736929548745&tmod=1483850760&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=421
Frame ID: 7A444FAED7EDCE637F5FD0884AFD0018
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F42F06FEC933C4A7D9A64F6F27CB5B12
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8D86AC353AFCA2CFCAEE43A970FE01A3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

🥇 Jogos De Slots Online Big Money Bigfoot | Big money bigfoot - Demo Slot Online

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

69
Requests

83 %
HTTPS

0 %
IPv6

23
Domains

31
Subdomains

30
IPs

5
Countries

3709 kB
Transfer

7186 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://www.freecasino.se/images/slots/the-legend-of-big-foot-slot-screen.jpg HTTP 301
  • https://www.freecasino.se/images/slots/the-legend-of-big-foot-slot-screen.jpg
Request Chain 11
  • https://goodcasinos.org/wp-content/uploads/2018/11/BigBigfoot2.jpg HTTP 302
  • http://www.fullquality.com/stop-hotlink.jpg
Request Chain 14
  • http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
  • https://s7.addthis.com/js/300/addthis_widget.js
Request Chain 41
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request page-362-2024-02-06.html
doncafedgbyegcom.free.bg/dinheiro-real/ 		31 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
HTTP/1.1
Server
94.130.71.117 Hoppegarten, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
free.bg
Software
nginx /
Resource Hash
594c3ed6d5d491b86cf697b016dda7680fa03b73a8bc7f101521577ada7e00db
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 16 Jul 2023 00:00:22 GMT
ETag
W/"64aefc24-7a2d"
Expires
Sun, 16 Jul 2023 00:00:21 GMT
Last-Modified
Wed, 12 Jul 2023 19:16:52 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
bootstrap.min.css
doncafedgbyegcom.free.bg/css/ 		119 KB
120 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://doncafedgbyegcom.free.bg/css/bootstrap.min.css
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
HTTP/1.1
Server
94.130.71.117 Hoppegarten, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
free.bg
Software
nginx /
Resource Hash
77d6cef356868f46018abf1911b049186a3e4ca73b0f0cadf48033694324948c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 00:00:22 GMT
Last-Modified
Wed, 12 Jul 2023 19:16:06 GMT
Server
nginx
ETag
"64aefbf6-1dd48"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
122184
Expires
Sun, 16 Jul 2023 00:00:21 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
cbd154314fc7c8ea487c670d8680c2cd8bddc16612d005bc77950f4820d79716
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://doncafedgbyegcom.free.bg/
Origin
http://doncafedgbyegcom.free.bg
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50470
x-xss-protection
0
server
cafe
etag
13097895690390262188
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 00:00:22 GMT
qwertymin.js
doncafedgbyegcom.free.bg/css/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://doncafedgbyegcom.free.bg/css/qwertymin.js
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
HTTP/1.1
Server
94.130.71.117 Hoppegarten, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
free.bg
Software
nginx /
Resource Hash
0ae5586d9890485b7d9cddaad714e8df68cb7abfd679402458149db9f38fdc42
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 00:00:22 GMT
Last-Modified
Wed, 12 Jul 2023 19:16:04 GMT
Server
nginx
ETag
"64aefbf4-555"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1365
Expires
Sun, 16 Jul 2023 00:00:21 GMT
bigfoot.jpg
playslotscasinos.com/assets/images/platforms/microgaming/bigfoot/ 		138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://playslotscasinos.com/assets/images/platforms/microgaming/bigfoot/bigfoot.jpg
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
HTTP/1.1
Server
172.67.206.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46c15393e3f460df861746528fbe7dae447466a3eb73bed7df01eb382624f5f3

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 00:00:22 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
141579
Pragma
public
Last-Modified
Sun, 05 Dec 2021 22:34:19 GMT
Server
cloudflare
ETag
"61ad3e6b-2290b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcTzusbcVBaeMzu97BZp5rvSUwoFpa95P4Vgt5UuChLcc6VsF6ojjE%2B69h1BT8IfDrah1%2BJyDPcwJDnU3rOb4tKFw2IQUreIjPDxSXYiXQaUU3Qbu4Q7BBkN0CmeZsOcAkNYQaA2GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
7e75f6ecc8460e95-MXP
Expires
Sun, 17 Mar 2024 00:00:22 GMT
the-legend-of-big-foot-slot-screen.jpg
www.freecasino.se/images/slots/
Redirect Chain
  • http://www.freecasino.se/images/slots/the-legend-of-big-foot-slot-screen.jpg
  • https://www.freecasino.se/images/slots/the-legend-of-big-foot-slot-screen.jpg
38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.freecasino.se/images/slots/the-legend-of-big-foot-slot-screen.jpg
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
H2
Server
185.4.176.99 , United Kingdom, ASN35425 (BYTEMARK-AS, GB),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4dd9d846b4b8ea9eadc30783135aace31bbd4abd86cce73973ce95758ba12187

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 16 Jul 2023 00:00:22 GMT
last-modified
Mon, 03 Apr 2023 17:56:00 GMT
server
Microsoft-IIS/10.0
etag
"3766d48c5566d91:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
38848

Redirect headers

Location
https://www.freecasino.se/images/slots/the-legend-of-big-foot-slot-screen.jpg
X-Powered-By-Plesk
PleskWin
Date
Sun, 16 Jul 2023 00:00:22 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Length
200
Content-Type
text/html; charset=UTF-8
finding-bigfoot-game-01.jpg
2.bp.blogspot.com/-7o6xFQqW0hw/TvaOQW8swdI/AAAAAAAADFA/CLuXp_UWo2E/s1600/ 		197 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://2.bp.blogspot.com/-7o6xFQqW0hw/TvaOQW8swdI/AAAAAAAADFA/CLuXp_UWo2E/s1600/finding-bigfoot-game-01.jpg
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
HTTP/1.1
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
fife /
Resource Hash
a47298f1107e1f251189a86f28b145180840487859751cb87fb0bc7ee02f93dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 00:00:22 GMT
X-Content-Type-Options
nosniff
Server
fife
ETag
"vc50"
Vary
Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="finding-bigfoot-game-01.jpg"
Timing-Allow-Origin
*
Content-Length
202046
X-XSS-Protection
0
Expires
Mon, 17 Jul 2023 00:00:22 GMT
maxresdefault.jpg
i.ytimg.com/vi/8ICJs4J5ZCk/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/8ICJs4J5ZCk/maxresdefault.jpg
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.246 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f22.1e100.net
Software
sffe /
Resource Hash
e4d499b39dd3fb73af283d7473257e02b028a51205c5137dcc91a41366c52424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:22 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104175
x-xss-protection
0
server
sffe
etag
"1581898991"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 16 Jul 2023 02:00:22 GMT
bigf-s.jpg.7eef44a426c208f507146f075926a2bd.jpg
www.gamblerspick.com/uploads/monthly_2018_12/ 		291 KB
292 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gamblerspick.com/uploads/monthly_2018_12/bigf-s.jpg.7eef44a426c208f507146f075926a2bd.jpg
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.42.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b2e6a688aa59b2c6bebdd80fb994a2b78cf91d2c42180ed6a61d27460f4150
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
298456
last-modified
Mon, 20 Jun 2022 10:46:08 GMT
server
cloudflare
etag
"48dd8-5e1decfc2ba66"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BnIKRuha%2BdtKis2txVZR2pPnCk5%2FRSHf%2BnWLtqY3Leu4jOSYror%2F26jQ%2B4PkxFS%2FBgWy9ZHhHqnHXE3lqO3qCT6QAIxiWU%2BtUT7NvKocCMHoEiPfBTck1xJydeUReNuNZoGV%2Byku"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7e75f6ed38c1fc95-FCO
expires
Sat, 22 Jul 2023 19:43:15 GMT
bigfoot-spin.gif
www.onlineslots4u.com/images/screens/partygaming/reels/ 		136 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.onlineslots4u.com/images/screens/partygaming/reels/bigfoot-spin.gif
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
HTTP/1.1
Server
72.167.127.73 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
73.127.167.72.host.secureserver.net
Software
Apache /
Resource Hash
2274a9d795ca9e5fa6ced17c0c42b925de121147f74bab1eea0fcab22b05ad1e

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 00:00:22 GMT
Last-Modified
Thu, 17 Nov 2022 10:44:21 GMT
Server
Apache
ETag
"1762223-22108-5eda84592de25"
Upgrade
h2,h2c
Content-Type
image/gif
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
139528
screen-5.jpg
image.winudf.com/v2/image1/Y29tLm1vYmlsZWFtdXNlbWVudHMuQmlnTW9uZXlCdWdzU2xvdHNGUkVFX3NjcmVlbl81XzE1NDU5NjIyNTZfMDY0/ 		656 KB
658 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.winudf.com/v2/image1/Y29tLm1vYmlsZWFtdXNlbWVudHMuQmlnTW9uZXlCdWdzU2xvdHNGUkVFX3NjcmVlbl81XzE1NDU5NjIyNTZfMDY0/screen-5.jpg?fakeurl=1&type=.jpg
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90840b41440f9a56d485ce673197b8aa2a9175e53503a6c0e2ad5cc9d03a8083
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:23 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
content-length
672107
server
cloudflare
etag
97c3ab15
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrggzvuU%2Bo%2FJtUo%2FdOXsJFovtYmQE0xLv3iOgQ77CLnKVVM8M8wv%2BpybHmhPAPGA%2BAYnvetUKixpVoNjvhTvAtbQ72oDWxOkhIXxQPMrZvMnbmlMTkYaYVd0kedkJ28GmnY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e75f6ed1cb10e9b-MXP
10-1.jpg
mareerice.com/wp-content/uploads/2020/12/ 		137 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mareerice.com/wp-content/uploads/2020/12/10-1.jpg
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.94.139.174 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
23-94-139-174-host.colocrossing.com
Software
LiteSpeed /
Resource Hash
e2c1be8295f2a06a377749ad8bcd89c81308e3ee19bf3ef13d01a7ab731ce5eb

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:23 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 05:38:24 GMT
server
LiteSpeed
transfer-encoding
chunked
vary
Accept-Encoding, User-Agent
content-type
image/jpeg
cache-control
max-age=2592000
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
expires
Tue, 15 Aug 2023 00:00:23 GMT
stop-hotlink.jpg
www.fullquality.com/
Redirect Chain
  • https://goodcasinos.org/wp-content/uploads/2018/11/BigBigfoot2.jpg
  • http://www.fullquality.com/stop-hotlink.jpg
46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.fullquality.com/stop-hotlink.jpg
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
HTTP/1.1
Server
192.155.94.63 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
ln3.fullquality.net
Software
Apache/2.4.25 (Debian) /
Resource Hash
3b5132bcd0df94814fed8bfb7a2afbffdb7fbba214ec36853b95ac22d87d5db8

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 00:00:23 GMT
Last-Modified
Tue, 04 Dec 2018 17:08:05 GMT
Server
Apache/2.4.25 (Debian)
ETag
"b9c0-57c354f0e4740"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
47552

Redirect headers

Date
Sun, 16 Jul 2023 00:00:22 GMT
Server
Apache
Content-Type
text/html; charset=iso-8859-1
Location
http://www.fullquality.com/stop-hotlink.jpg
Cache-Control
max-age=172800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
227
Expires
Tue, 18 Jul 2023 00:00:22 GMT
IMG_%25D9%25A2%25D9%25A0%25D9%25A1%25D9%25A9%25D9%25A0%25D9%25A8%25D9%25A2%25D9%25A6_%25D9%25A1%25D9%25A1%25D9%25A1%25D9%25A1%25D9%25A0%25D9%25A5%25D9%25A4%25D9%25A8%25D9%25A4.jpg
1.bp.blogspot.com/-oj5Vvwp2AVM/XWOway9p2AI/AAAAAAAAK04/K0keJA-Ku5Ac1CzZUC3yJZY5xiXiIXxCwCEwYBhgL/s1600/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-oj5Vvwp2AVM/XWOway9p2AI/AAAAAAAAK04/K0keJA-Ku5Ac1CzZUC3yJZY5xiXiIXxCwCEwYBhgL/s1600/IMG_%25D9%25A2%25D9%25A0%25D9%25A1%25D9%25A9%25D9%25A0%25D9%25A8%25D9%25A2%25D9%25A6_%25D9%25A1%25D9%25A1%25D9%25A1%25D9%25A1%25D9%25A0%25D9%25A5%25D9%25A4%25D9%25A8%25D9%25A4.jpg
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f1.1e100.net
Software
fife /
Resource Hash
291fbabe780dd53fd62f0a5d2afebb46b673c32fc86fd633f9a8b3525c8bdd68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:22 GMT
x-content-type-options
nosniff
server
fife
etag
"v2b52"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="IMG___________________.jpg";filename*=UTF-8''IMG_%D9%A2%D9%A0%D9%A1%D9%A9%D9%A0%D9%A8%D9%A2%D9%A6_%D9%A1%D9%A1%D9%A1%D9%A1%D9%A0%D9%A5%D9%A4%D9%A8%D9%A4.jpg
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69933
x-xss-protection
0
expires
Mon, 17 Jul 2023 00:00:22 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 22:16:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6247
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 22:16:15 GMT
addthis_widget.js
s7.addthis.com/js/300/
Redirect Chain
  • http://s7.addthis.com/js/300/addthis_widget.js
  • https://s7.addthis.com/js/300/addthis_widget.js
56 B
360 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
H2
Server
2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-224-115.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Jul 2023 00:00:22 GMT
server
Oracle API Gateway
opc-request-id
/72D0C13F2B107903A051951DB9C96702/E54876A3C9CAEBFB09D442A7B0F203D6
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block

Redirect headers

Date
Sun, 16 Jul 2023 00:00:22 GMT
Server
nginx/1.15.8
X-Distribution
99
Content-Type
text/html
Location
https://s7.addthis.com/js/300/addthis_widget.js
X-Host
s7.addthis.com
Connection
keep-alive
Content-Length
171
js
www.googletagmanager.com/gtag/ 		262 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WKKLPLJP3V
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
16f6b7ac2ef43cd97ce651479f097d3890bcb7593dabac2c484e9e4ae8d2faa3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89611
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 16 Jul 2023 00:00:22 GMT
js
www.googletagmanager.com/gtag/ 		243 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B29892VMGP
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8f0f04c0318ef2403d0e4b1abfb5d642bb077d7c320dc28a4d47dd91e88ac810
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85047
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 16 Jul 2023 00:00:22 GMT
js
www.googletagmanager.com/gtag/ 		162 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-96521599-1
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ef250d88bdc3c15c989f8a648842c9917343596f336ab2cb87b5517575966d64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
60921
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 16 Jul 2023 00:00:22 GMT
js
www.googletagmanager.com/gtag/ 		162 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-199856617-1
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
da734f9091cf9a9932c566d479592240cd6b6e3985a25787d331c9e7fb302642
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
60959
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 16 Jul 2023 00:00:22 GMT
js
www.googletagmanager.com/gtag/ 		162 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-162690612-1
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
a664b9e67f35944e047de14369b28063aca767c8072d4bba6fb81c7caa1bd44b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
60954
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 16 Jul 2023 00:00:22 GMT
bronline
91.215.152.128/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://91.215.152.128/bronline?default_keyword=Jogos+de+slots+online+Big+Money+Bigfoot
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
HTTP/1.1
Server
91.215.152.128 Sofia, Bulgaria, ASN59729 (ITL-BG, UA),
Reverse DNS
live7101.vds
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://doncafedgbyegcom.free.bg/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/ 		356 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=doncafedgbyegcom.free.bg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
35b665f1bf705362cdbec940fadaf90130147ace201431518948cb19576946de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125350
x-xss-protection
0
server
cafe
etag
7004597674277902835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 00:00:22 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/ Frame 204E 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://doncafedgbyegcom.free.bg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

age
19551
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:34:31 GMT
etag
12368291122986407432
expires
Sat, 29 Jul 2023 18:34:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
d3pDyG5Fmyk
www.youtube.com/embed/ Frame 1CF8 		77 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/d3pDyG5Fmyk
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f14.1e100.net
Software
ESF /
Resource Hash
27c9d0d67bcf0afec7a21dc5051001999d34ac23b3dff0687db7ed3d16b3fecc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://doncafedgbyegcom.free.bg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-2MVF5O1IEIPYIBqIiDhMUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 00:00:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=it for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
logo.jpg
doncafedgbyegcom.free.bg/css/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://doncafedgbyegcom.free.bg/css/logo.jpg
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
HTTP/1.1
Server
94.130.71.117 Hoppegarten, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
free.bg
Software
nginx /
Resource Hash
de90b8db133841ab22c95e57687dde9f35523ec13139a3d3a113561da44c5e9b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 00:00:22 GMT
Last-Modified
Wed, 12 Jul 2023 19:16:04 GMT
Server
nginx
ETag
"64aefbf4-1a23"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6691
Expires
Sun, 16 Jul 2023 00:00:21 GMT
www-player.css
www.youtube.com/s/player/4cc5d082/ Frame 1CF8 		376 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4cc5d082/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/d3pDyG5Fmyk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f14.1e100.net
Software
sffe /
Resource Hash
20c2f0579cc25ebc1abd6ad10b1bc912b28451c9f2258c8b7d8b996577982be0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/d3pDyG5Fmyk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 22:44:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
4546
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47953
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 02:37:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 14 Jul 2024 22:44:36 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1CF8 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/d3pDyG5Fmyk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 00:54:58 GMT
x-content-type-options
nosniff
age
83124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 00:54:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1CF8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/d3pDyG5Fmyk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 20:23:37 GMT
x-content-type-options
nosniff
age
358605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 20:23:37 GMT
www-embed-player.js
www.youtube.com/s/player/4cc5d082/www-embed-player.vflset/ Frame 1CF8 		312 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4cc5d082/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/d3pDyG5Fmyk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f14.1e100.net
Software
sffe /
Resource Hash
4a3d55d5382139da20f3fe217a9908ff703fd6532067f2ef0b17fc8dc0edb58a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/d3pDyG5Fmyk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 22:00:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
7188
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95779
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 02:37:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 14 Jul 2024 22:00:34 GMT
base.js
www.youtube.com/s/player/4cc5d082/player_ias.vflset/it_IT/ Frame 1CF8 		2 MB
742 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4cc5d082/player_ias.vflset/it_IT/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/d3pDyG5Fmyk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f14.1e100.net
Software
sffe /
Resource Hash
8d61056780ec53d75a354b1aeb6b6c07e6cab70092fa70ff371a1e95e3ce2195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/d3pDyG5Fmyk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 08:06:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
316460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
759558
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 02:37:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 Jul 2024 08:06:02 GMT
fetch-polyfill.js
www.youtube.com/s/player/4cc5d082/fetch-polyfill.vflset/ Frame 1CF8 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4cc5d082/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/d3pDyG5Fmyk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f14.1e100.net
Software
sffe /
Resource Hash
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/d3pDyG5Fmyk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 22:54:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
3971
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2625
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 02:37:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 14 Jul 2024 22:54:11 GMT
cookie.js
partner.googleadservices.com/gampad/ 		381 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=doncafedgbyegcom.free.bg&callback=_gfp_s_&client=ca-pub-6890287250975679
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=doncafedgbyegcom.free.bg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
4d84316808ce87bdd589dd885aefa156dd40799f2537541a68bed4fb41832d1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
246
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=doncafedgbyegcom.free.bg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=doncafedgbyegcom.free.bg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7A44 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&adk=1812271804&adf=3025194257&lmt=1689189412&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=http%3A%2F%2Fdoncafedgbyegcom.free.bg%2Fdinheiro-real%2Fpage-362-2024-02-06.html&ea=0&pra=5&wgl=1&dt=1689465622379&bpp=99&bdt=303&idt=396&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5403732964696&frm=20&pv=2&ga_vid=299970117.1689465623&ga_sid=1689465623&ga_hid=973270996&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532314%2C44788442&oid=2&pvsid=2135736929548745&tmod=1483850760&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=421
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=doncafedgbyegcom.free.bg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://doncafedgbyegcom.free.bg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 00:00:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-WKKLPLJP3V&gtm=45je37c0&_p=973270996&_gaz=1&cid=299970117.1689465623&ul=en-us&sr=1600x1200&_s=1&sid=1689465623&sct=1&seg=0&dl=http%3A%2F%2Fdoncafedgbyegcom.free.bg%2Fdinheiro-real%2Fpage-362-2024-02-06.html&dt=%F0%9F%A5%87%20Jogos%20De%20Slots%20Online%20Big%20Money%20Bigfoot%20%7C%20Big%20money%20bigfoot%20-%20Demo%20Slot%20Online&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WKKLPLJP3V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 00:00:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://doncafedgbyegcom.free.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WKKLPLJP3V&cid=299970117.1689465623&gtm=45je37c0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WKKLPLJP3V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 00:00:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://doncafedgbyegcom.free.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.it/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WKKLPLJP3V&cid=299970117.1689465623&gtm=45je37c0&aip=1&z=880633276
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 00:00:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-B29892VMGP&gtm=45je37c0&_p=973270996&_gaz=1&cid=299970117.1689465623&ul=en-us&sr=1600x1200&_s=1&sid=1689465623&sct=1&seg=0&dl=http%3A%2F%2Fdoncafedgbyegcom.free.bg%2Fdinheiro-real%2Fpage-362-2024-02-06.html&dt=%F0%9F%A5%87%20Jogos%20De%20Slots%20Online%20Big%20Money%20Bigfoot%20%7C%20Big%20money%20bigfoot%20-%20Demo%20Slot%20Online&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B29892VMGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 00:00:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://doncafedgbyegcom.free.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B29892VMGP&cid=299970117.1689465623&gtm=45je37c0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B29892VMGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 00:00:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://doncafedgbyegcom.free.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.it/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B29892VMGP&cid=299970117.1689465623&gtm=45je37c0&aip=1&z=514332889
Requested by
Host: doncafedgbyegcom.free.bg
URL: http://doncafedgbyegcom.free.bg/dinheiro-real/page-362-2024-02-06.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 00:00:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-96521599-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 15 Jul 2023 22:35:19 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5104
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 16 Jul 2023 00:35:19 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 1CF8
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/d3pDyG5Fmyk
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
00abbfcd84d209c1d6892d1812a1ac4c43754932148adcbfadc95ce5b41f2193
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 16 Jul 2023 00:00:23 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 1CF8 		29 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4cc5d082/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f166.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 23:59:04 GMT
x-content-type-options
nosniff
age
79
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Jul 2023 00:14:04 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 16 Jul 2023 00:00:23 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1CF8 		68 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4cc5d082/player_ias.vflset/it_IT/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f10.1e100.net
Software
ESF /
Resource Hash
bda7d106e3c0bb4b1252bdfc825fe57d62de953afff8695367998bb509c88a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 16 Jul 2023 00:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32087
x-xss-protection
0
remote.js
www.youtube.com/s/player/4cc5d082/player_ias.vflset/it_IT/ Frame 1CF8 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4cc5d082/player_ias.vflset/it_IT/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4cc5d082/player_ias.vflset/it_IT/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f14.1e100.net
Software
sffe /
Resource Hash
716a5e258ad8468eaab5e3e12c0eb0e123240bc3002ca441b0e61ba122e08bd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/d3pDyG5Fmyk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 08:12:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
316078
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33572
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 02:37:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 Jul 2024 08:12:25 GMT
rL43kvhtVfQZ9Jo2nKMlf8e4yf2ohUdnUaT63cNr6lg.js
www.google.com/js/th/ Frame 1CF8 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/rL43kvhtVfQZ9Jo2nKMlf8e4yf2ohUdnUaT63cNr6lg.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4cc5d082/player_ias.vflset/it_IT/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f4.1e100.net
Software
sffe /
Resource Hash
acbe3792f86d55f419f49a369ca3257fc7b8c9fda885476751a4faddc36bea58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 21:19:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
441681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14720
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 09 Jul 2024 21:19:02 GMT
sddefault.jpg
i.ytimg.com/vi/d3pDyG5Fmyk/ Frame 1CF8 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/d3pDyG5Fmyk/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/d3pDyG5Fmyk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.246 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f22.1e100.net
Software
sffe /
Resource Hash
0146b5d03cf2936c26192b91dcc8e8bfbbe2dc6bf887a2f6fafef9cf8522b320
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:23 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88710
x-xss-protection
0
server
sffe
etag
"1680875930"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 16 Jul 2023 02:00:23 GMT
embed.js
www.youtube.com/s/player/4cc5d082/player_ias.vflset/it_IT/ Frame 1CF8 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4cc5d082/player_ias.vflset/it_IT/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4cc5d082/player_ias.vflset/it_IT/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f14.1e100.net
Software
sffe /
Resource Hash
ef194ec22d42f60002ec3e9de219fbfab3586466da8d40236b6e8b224186458c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/d3pDyG5Fmyk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 08:06:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
316461
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8161
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 02:37:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 Jul 2024 08:06:02 GMT
truncated
/ Frame 1CF8 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
cTq0rPLIIJybbXjaccIlL_m9qh6BAdzGVIefToB85-KtQwTPD443n8YnxtqGCIxayUOhIy8IHg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 1CF8 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/cTq0rPLIIJybbXjaccIlL_m9qh6BAdzGVIefToB85-KtQwTPD443n8YnxtqGCIxayUOhIy8IHg=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/d3pDyG5Fmyk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f1.1e100.net
Software
fife /
Resource Hash
755170eb04151e9cdd6120d65b4ac22b12f4e93edd883b4bef6884677240c9e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 21:49:38 GMT
x-content-type-options
nosniff
age
7845
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5546
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 16 Jul 2023 21:49:38 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 1CF8 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4cc5d082/player_ias.vflset/it_IT/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 16 Jul 2023 00:00:23 GMT
collect
www.google-analytics.com/j/ 		2 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=973270996&t=pageview&_s=1&dl=http%3A%2F%2Fdoncafedgbyegcom.free.bg%2Fdinheiro-real%2Fpage-362-2024-02-06.html&ul=en-us&de=UTF-8&dt=%F0%9F%A5%87%20Jogos%20De%20Slots%20Online%20Big%20Money%20Bigfoot%20%7C%20Big%20money%20bigfoot%20-%20Demo%20Slot%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1645625578&gjid=517478380&cid=299970117.1689465623&tid=UA-96521599-1&_gid=161630913.1689465623&_r=1&gtm=457e37c0&jsscut=1&z=929722092
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://doncafedgbyegcom.free.bg/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 00:00:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://doncafedgbyegcom.free.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=973270996&t=pageview&_s=1&dl=http%3A%2F%2Fdoncafedgbyegcom.free.bg%2Fdinheiro-real%2Fpage-362-2024-02-06.html&ul=en-us&de=UTF-8&dt=%F0%9F%A5%87%20Jogos%20De%20Slots%20Online%20Big%20Money%20Bigfoot%20%7C%20Big%20money%20bigfoot%20-%20Demo%20Slot%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=474271823&gjid=1799975314&cid=299970117.1689465623&tid=UA-199856617-1&_gid=161630913.1689465623&_r=1&gtm=457e37c0&jsscut=1&z=1644452263
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://doncafedgbyegcom.free.bg/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 00:00:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://doncafedgbyegcom.free.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=973270996&t=pageview&_s=1&dl=http%3A%2F%2Fdoncafedgbyegcom.free.bg%2Fdinheiro-real%2Fpage-362-2024-02-06.html&ul=en-us&de=UTF-8&dt=%F0%9F%A5%87%20Jogos%20De%20Slots%20Online%20Big%20Money%20Bigfoot%20%7C%20Big%20money%20bigfoot%20-%20Demo%20Slot%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1835569816&gjid=1220693373&cid=299970117.1689465623&tid=UA-162690612-1&_gid=161630913.1689465623&_r=1&gtm=457e37c0&jsscut=1&z=492400406
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://doncafedgbyegcom.free.bg/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 00:00:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://doncafedgbyegcom.free.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
www.youtube.com/ Frame 1CF8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?lT71bw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/d3pDyG5Fmyk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/d3pDyG5Fmyk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 16 Jul 2023 00:00:23 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1CF8 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4cc5d082/player_ias.vflset/it_IT/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f10.1e100.net
Software
ESF /
Resource Hash
643648297a8cf26c742f8f8663cb0d98f865ce0f49a1ac3d6fa748a027b33beb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 16 Jul 2023 00:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-96521599-1&cid=299970117.1689465623&jid=1645625578&gjid=517478380&_gid=161630913.1689465623&_u=YADAAUAAAAAAACAAI~&z=93840115
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://doncafedgbyegcom.free.bg/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 16 Jul 2023 00:00:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://doncafedgbyegcom.free.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-199856617-1&cid=299970117.1689465623&jid=474271823&gjid=1799975314&_gid=161630913.1689465623&_u=YADAAUABAAAAACAAI~&z=973421466
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://doncafedgbyegcom.free.bg/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 16 Jul 2023 00:00:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://doncafedgbyegcom.free.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230711&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=doncafedgbyegcom.free.bg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
62a727f8a5e9aec5d3bbaca630c6589306bf7e866f11046506b865c5c3845a28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11881
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=doncafedgbyegcom.free.bg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 16 Jul 2023 00:00:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F42F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://doncafedgbyegcom.free.bg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
age
21138
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:08:06 GMT
expires
Sun, 14 Jul 2024 18:08:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8D86 		783 B
964 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f4.1e100.net
Software
GSE /
Resource Hash
f1fc7447883fca856609325856d5171ca942f0eb76d1fa4afb76ec9f68280dd5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LPFvG3x2vQgVUOKp2WeAJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://doncafedgbyegcom.free.bg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-LPFvG3x2vQgVUOKp2WeAJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 00:00:24 GMT
expires
Sun, 16 Jul 2023 00:00:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
pagead2.googlesyndication.com/bg/ Frame F42F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 04:42:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
155900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14572
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 13 Jul 2024 04:42:04 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8D86 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230711&jk=2135736929548745&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame F42F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?oKvd_Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 00:00:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
log_event
www.youtube.com/youtubei/v1/ Frame 1CF8 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4cc5d082/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-Goog-Request-Time
1689465625149
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/d3pDyG5Fmyk
X-YouTube-Client-Version
1.20230711.01.01
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtrN0ZNYXJBbllVdyiW5sylBg%3D%3D
X-YouTube-Ad-Signals
dt=1689465622878&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 16 Jul 2023 00:00:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Sun, 16 Jul 2023 00:00:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230711&jk=2135736929548745&bg=!cXKlcibNAAb90kgr3dI7ADkAdvg8Wicw63OjV6zbg-pJUEVt1rLAC_zfPmAkxs0j-6MMPkCj-R6mJGSJLo020RN5_gpLvKvotd8CAAAAYFIAAAAJaAEHCgCJk4yZmSwSXwPpDLZuj9JBwfa3mxK5JHDDmTiOMNn-rzV7mR3s-n_v0lwq6A6QDGI5KdwKGZpM91hjx57FR77t5ak311tCfh5LWdswaYJsdstw43hYcOi18UraDVnHcfeFDoLyvuEfWD89eoI19phctIBIkiWAWs1bN9IbkN_j7Z_WFk9MBOLH4WyZAqKCMGFZ3eujrF3IkVjvN94NQ5lD65ZP3Co7NUtMo3-l8otfAzc66PPDowGCDxfBcUgThEqZ4Y0fR22TugIuK11df4O6APi6YTqno4zMb0WfeQBZvpqZliKx-aK1hSgHB_d5Aduz_dneDE1aTVYiXGVJUmnwwiKV996SEl2KkObxT7PXXtg0pmYENcuzqcG0bNBW9F2YSkoF9TwhAefa1TF1orhX6c6lQ5URN7MvIfj29ZF_NQ3X29R4fhLYqV5tKV3ylsDpRMsKM45DHBUoNxzw0xx_q4oBnxVS0WRdZibVPERtbhOICHQ6l_a-TA1tRawmpU43RK341-_ouPePDc6e9A4C0u6enxnlrOTPIp_zb00r7BnplozsSvs7knKqMFk225P4zNxi8-7uJdWPhuFVaPw_FbJTVjeswGnJIUxYNTVYF4Bb3WdpHMIpDbEECPLG-gdKCvMR5grrk7MLn_zS74pm4QRVjx0N3XFsqeh8XpV2W16OHpyDdq3PkYl4IbsZHwKCdoN7o7VxyL2W19KLBYYvh2Pxg6EM8hFM0THZw8u8GT7KbLQ08gujLh0sYMPVs9mG02S9cXSthzPR3PfhXCKTuYG0kYPDjzqVaNJDVa6RZfeCnJz4zwk-93oiJVt8sq3fiMUzBZo5S7mBaBe_RC9rvK-uRhA6QgZ2wCU7YYeVkUFuJfrvUA0Vrs6snUCwKcsYn1FbLW3e9bTTSOPr2VkCJj3i_Nf4KEurkTBAdfwsKxilebd8lDyWo2P1wqDxSxE4yuUQb3Z57wPW72dEWhvg7JMQSmHvyynRWivA1b8ynlUxwWfWckQ0jUzSzYozBdmUj45oJKwPQoO-I56iw001epv1YVnIKI-G8sdlfSzn2JguPctzUtcJZNIOSTdRaA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://doncafedgbyegcom.free.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| onbeforetoggle object| onscrollend string| keyword object| _0xdfb0 object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter function| google_spfd number| google_unique_id object| google_sv_map function| $ function| jQuery function| google_sa_impl boolean| _gfp_p_ function| processGoogleToken object| googleToken object| googleIMState number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| googletag function| onYouTubeIframeAPIReady string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| GoogleGcLKhOms object| google_image_requests

12 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: s7m6u5PZK_k
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: k7FMarAnYUw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.free.bg/ Name: __gads
Value: ID=6026870da12eeff3-224740ed2cde000d:T=1689465622:RT=1689465622:S=ALNI_MaaW4AtpbOn28zj-8XARDlB1ALaGw
.free.bg/ Name: __gpi
Value: UID=00000cc2d16e41d5:T=1689465622:RT=1689465622:S=ALNI_MapjaPs3-snd7ddZhwnZP_A12jXbg
.free.bg/ Name: _ga_WKKLPLJP3V
Value: GS1.1.1689465623.1.0.1689465623.60.0.0
.free.bg/ Name: _ga_B29892VMGP
Value: GS1.1.1689465623.1.0.1689465623.60.0.0
.free.bg/ Name: _ga
Value: GA1.2.299970117.1689465623
.free.bg/ Name: _gid
Value: GA1.2.161630913.1689465623
.free.bg/ Name: _gat_gtag_UA_96521599_1
Value: 1
.free.bg/ Name: _gat_gtag_UA_199856617_1
Value: 1
.free.bg/ Name: _gat_gtag_UA_162690612_1
Value: 1

4 Console Messages

Source Level URL
Text
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://91.215.152.128/bronline?default_keyword=Jogos+de+slots+online+Big+Money+Bigfoot, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://91.215.152.128/bronline?default_keyword=Jogos+de+slots+online+Big+Money+Bigfoot, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&adk=1812271804&adf=3025194257&lmt=1689189412&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=http%3A%2F%2Fdoncafedgbyegcom.free.bg%2Fdinheiro-real%2Fpage-362-2024-02-06.html&ea=0&pra=5&wgl=1&dt=1689465622379&bpp=99&bdt=303&idt=396&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5403732964696&frm=20&pv=2&ga_vid=299970117.1689465623&ga_sid=1689465623&ga_hid=973270996&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532314%2C44788442&oid=2&pvsid=2135736929548745&tmod=1483850760&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=421
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
adservice.google.com
ajax.googleapis.com
doncafedgbyegcom.free.bg
fonts.gstatic.com
goodcasinos.org
googleads.g.doubleclick.net
i.ytimg.com
image.winudf.com
jnn-pa.googleapis.com
mareerice.com
pagead2.googlesyndication.com
partner.googleadservices.com
playslotscasinos.com
region1.analytics.google.com
s7.addthis.com
static.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.freecasino.se
www.fullquality.com
www.gamblerspick.com
www.google-analytics.com
www.google.com
www.google.it
www.googletagmanager.com
www.gstatic.com
www.onlineslots4u.com
www.youtube.com
yt3.ggpht.com
104.26.9.22
142.250.181.246
142.250.184.195
142.250.184.227
142.250.185.193
142.250.185.206
142.250.186.163
142.250.186.168
142.250.186.170
142.250.186.66
172.217.16.194
172.217.18.1
172.217.18.10
172.217.18.14
172.217.18.2
172.217.18.4
172.217.18.98
172.66.42.211
172.67.206.9
173.194.76.156
185.4.176.99
192.155.94.63
2.19.224.115
216.239.34.36
216.58.212.166
23.94.139.174
45.56.114.149
72.167.127.73
91.215.152.128
94.130.71.117
00abbfcd84d209c1d6892d1812a1ac4c43754932148adcbfadc95ce5b41f2193
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0146b5d03cf2936c26192b91dcc8e8bfbbe2dc6bf887a2f6fafef9cf8522b320
0ae5586d9890485b7d9cddaad714e8df68cb7abfd679402458149db9f38fdc42
16f6b7ac2ef43cd97ce651479f097d3890bcb7593dabac2c484e9e4ae8d2faa3
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
20c2f0579cc25ebc1abd6ad10b1bc912b28451c9f2258c8b7d8b996577982be0
2274a9d795ca9e5fa6ced17c0c42b925de121147f74bab1eea0fcab22b05ad1e
26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65
27c9d0d67bcf0afec7a21dc5051001999d34ac23b3dff0687db7ed3d16b3fecc
291fbabe780dd53fd62f0a5d2afebb46b673c32fc86fd633f9a8b3525c8bdd68
35b665f1bf705362cdbec940fadaf90130147ace201431518948cb19576946de
3b5132bcd0df94814fed8bfb7a2afbffdb7fbba214ec36853b95ac22d87d5db8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
46c15393e3f460df861746528fbe7dae447466a3eb73bed7df01eb382624f5f3
4a3d55d5382139da20f3fe217a9908ff703fd6532067f2ef0b17fc8dc0edb58a
4d84316808ce87bdd589dd885aefa156dd40799f2537541a68bed4fb41832d1c
4dd9d846b4b8ea9eadc30783135aace31bbd4abd86cce73973ce95758ba12187
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
594c3ed6d5d491b86cf697b016dda7680fa03b73a8bc7f101521577ada7e00db
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
60b2e6a688aa59b2c6bebdd80fb994a2b78cf91d2c42180ed6a61d27460f4150
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a727f8a5e9aec5d3bbaca630c6589306bf7e866f11046506b865c5c3845a28
643648297a8cf26c742f8f8663cb0d98f865ce0f49a1ac3d6fa748a027b33beb
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
716a5e258ad8468eaab5e3e12c0eb0e123240bc3002ca441b0e61ba122e08bd1
755170eb04151e9cdd6120d65b4ac22b12f4e93edd883b4bef6884677240c9e9
77d6cef356868f46018abf1911b049186a3e4ca73b0f0cadf48033694324948c
8d61056780ec53d75a354b1aeb6b6c07e6cab70092fa70ff371a1e95e3ce2195
8f0f04c0318ef2403d0e4b1abfb5d642bb077d7c320dc28a4d47dd91e88ac810
90840b41440f9a56d485ce673197b8aa2a9175e53503a6c0e2ad5cc9d03a8083
a47298f1107e1f251189a86f28b145180840487859751cb87fb0bc7ee02f93dd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a664b9e67f35944e047de14369b28063aca767c8072d4bba6fb81c7caa1bd44b
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
acbe3792f86d55f419f49a369ca3257fc7b8c9fda885476751a4faddc36bea58
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bda7d106e3c0bb4b1252bdfc825fe57d62de953afff8695367998bb509c88a07
cbd154314fc7c8ea487c670d8680c2cd8bddc16612d005bc77950f4820d79716
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da734f9091cf9a9932c566d479592240cd6b6e3985a25787d331c9e7fb302642
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de90b8db133841ab22c95e57687dde9f35523ec13139a3d3a113561da44c5e9b
e2c1be8295f2a06a377749ad8bcd89c81308e3ee19bf3ef13d01a7ab731ce5eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d499b39dd3fb73af283d7473257e02b028a51205c5137dcc91a41366c52424
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef194ec22d42f60002ec3e9de219fbfab3586466da8d40236b6e8b224186458c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef250d88bdc3c15c989f8a648842c9917343596f336ab2cb87b5517575966d64
f1fc7447883fca856609325856d5171ca942f0eb76d1fa4afb76ec9f68280dd5
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d