www.pwnthis.net Open in urlscan Pro
2a00:1450:4001:81e::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.pwnthis.net/search/label/Slotomania
Submission: On June 24 via manual (June 24th 2019, 7:45:17 am UTC) from IL

Summary HTTP 86 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 26 domains to perform 86 HTTP transactions. The main IP is 2a00:1450:4001:81e::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE - Google LLC, US. The main domain is www.pwnthis.net.

This is the only time www.pwnthis.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:81e::2013	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:81a::2009	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	209.99.16.15 209.99.16.15	394695 (PUBLIC-DO...) (PUBLIC-DOMAIN-REGISTRY - PDR)
6	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	188.42.162.229 188.42.162.229	35415 (WEBZILLA) (WEBZILLA)
1	194.187.98.131 194.187.98.131	35415 (WEBZILLA) (WEBZILLA)
4	67.192.42.10 67.192.42.10	33070 (RMH-14) (RMH-14 - Rackspace Hosting)
1	2a00:1450:400... 2a00:1450:4001:81b::2009	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
5	74.214.194.131 74.214.194.131	59940 (PULSEPOIN...) (PULSEPOINT-EU)
1	52.205.146.202 52.205.146.202	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
3	2a00:1450:400... 2a00:1450:400c:c0c::52	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:818::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE - Google LLC)
2	151.101.0.166 151.101.0.166	54113 (FASTLY) (FASTLY - Fastly)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
4	45.77.54.226 45.77.54.226	20473 (AS-CHOOPA) (AS-CHOOPA - Choopa)
2	34.95.92.78 34.95.92.78	15169 (GOOGLE) (GOOGLE - Google LLC)
2 4	34.246.137.239 34.246.137.239	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:81c::200d	15169 (GOOGLE) (GOOGLE - Google LLC)
4	45.76.91.25 45.76.91.25	20473 (AS-CHOOPA) (AS-CHOOPA - Choopa)
3	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
3	152.195.132.188 152.195.132.188	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER - Twitter Inc.)
86	36

2 2a00:1450:4001:81e::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.pwnthis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81a::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.99.16.15 (Austin, United States)

ASN394695 (PUBLIC-DOMAIN-REGISTRY - PDR, US)
PTR: cp-41.webhostbox.net

www.kliptu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.162.229 (Amsterdam, Netherlands) 1 redirects

ASN35415 (WEBZILLA, NL)

go.padstm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.187.98.131 (Netherlands)

ASN35415 (WEBZILLA, NL)

go.padsdel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.192.42.10 (San Antonio, United States)

ASN33070 (RMH-14 - Rackspace Hosting, US)

go.adversal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.214.194.131 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams-ads.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.146.202 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-205-146-202.compute-1.amazonaws.com

ads.qadservice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::52 (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

bplugins.googlecode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.98 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.166 (United States)

ASN54113 (FASTLY - Fastly, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag-st.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.77.54.226 (Frankfurt am Main, Germany)

ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 45.77.54.226.vultr.com

pp-m.ns1p.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.ns1p.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.92.78 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 78.92.95.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.246.137.239 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-246-137-239.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.76.91.25 (Frankfurt am Main, Germany)

ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 45.76.91.25.vultr.com

s.ns1p.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.ns1p.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net

13vqq7w-m.ns1p.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 152.195.132.188 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

1b1pnoz-m.ns1p.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	ns1p.net pp-m.ns1p.net c.ns1p.net s.ns1p.net 13vqq7w-m.ns1p.net 1b1pnoz-m.ns1p.net b.ns1p.net	14 KB
8	blogspot.com 2.bp.blogspot.com 1.bp.blogspot.com 3.bp.blogspot.com 4.bp.blogspot.com	48 KB
8	google.com apis.google.com adservice.google.com accounts.google.com	127 KB
7	contextweb.com tag.contextweb.com bh.contextweb.com tag-st.contextweb.com ams-ads.contextweb.com	50 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	541 B
5	googlesyndication.com pagead2.googlesyndication.com	192 KB
5	twitter.com platform.twitter.com syndication.twitter.com	101 KB
5	blogger.com www.blogger.com	61 KB
4	demdex.net 2 redirects dpm.demdex.net	3 KB
4	facebook.com 1 redirects staticxx.facebook.com www.facebook.com	282 B
4	adversal.com go.adversal.com	80 KB
3	googlecode.com bplugins.googlecode.com
2	rlcdn.com idsync.rlcdn.com	143 B
2	facebook.net connect.facebook.net	59 KB
2	google-analytics.com www.google-analytics.com	17 KB
2	pwnthis.net www.pwnthis.net	22 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	171 B
1	qadservice.com ads.qadservice.com
1	blogblog.com resources.blogblog.com	539 B
1	padsdel.com go.padsdel.com
1	padstm.com 1 redirects go.padstm.com	295 B
1	kliptu.com www.kliptu.com
1	googleapis.com ajax.googleapis.com	33 KB
0	fidelity-media.com Failed ads.fidelity-media.com Failed
0	youtube.com Failed www.youtube.com Failed
86	26

	Domain	Requested by
6	apis.google.com	www.pwnthis.net apis.google.com
5	pagead2.googlesyndication.com	www.pwnthis.net pagead2.googlesyndication.com
5	www.blogger.com	www.pwnthis.net apis.google.com
4	dpm.demdex.net	2 redirects www.pwnthis.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	go.adversal.com	www.pwnthis.net go.adversal.com
4	platform.twitter.com	www.pwnthis.net platform.twitter.com
3	1b1pnoz-m.ns1p.net	www.pwnthis.net
3	13vqq7w-m.ns1p.net	www.pwnthis.net
3	bplugins.googlecode.com	www.pwnthis.net
3	tag.contextweb.com	www.pwnthis.net ams-ads.contextweb.com
3	3.bp.blogspot.com	www.pwnthis.net pagead2.googlesyndication.com
2	b.ns1p.net	c.ns1p.net
2	s.ns1p.net	c.ns1p.net
2	c.ns1p.net	www.pwnthis.net
2	www.facebook.com	1 redirects connect.facebook.net
2	idsync.rlcdn.com	ams-ads.contextweb.com
2	pp-m.ns1p.net	ams-ads.contextweb.com
2	ams-ads.contextweb.com	tag-st.contextweb.com
2	staticxx.facebook.com	connect.facebook.net
2	cm.g.doubleclick.net	2 redirects
2	4.bp.blogspot.com	pagead2.googlesyndication.com
2	connect.facebook.net	www.pwnthis.net connect.facebook.net
2	www.google-analytics.com	www.pwnthis.net
2	1.bp.blogspot.com	www.pwnthis.net pagead2.googlesyndication.com
2	www.pwnthis.net	www.pwnthis.net
1	syndication.twitter.com	www.pwnthis.net
1	accounts.google.com	apis.google.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	tag-st.contextweb.com	tag.contextweb.com
1	bh.contextweb.com	www.pwnthis.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	ads.qadservice.com	www.pwnthis.net
1	resources.blogblog.com	www.pwnthis.net
1	go.padsdel.com	www.pwnthis.net
1	go.padstm.com	1 redirects
1	2.bp.blogspot.com	www.pwnthis.net
1	www.kliptu.com	www.pwnthis.net
1	ajax.googleapis.com	www.pwnthis.net
0	ads.fidelity-media.com Failed	ams-ads.contextweb.com
0	www.youtube.com Failed	www.pwnthis.net
86	42

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
twitter.com
www.facebook.com
feeds.feedburner.com
feedburner.google.com
www.google.com

Subject Issuer	Validity	Valid
*.blogger.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
*.apis.google.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-06-06` - `2019-09-04`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
*.ns1p.net DigiCert SHA2 Secure Server CA	`2018-05-07` - `2020-07-29`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
accounts.google.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh

This page contains 17 frames:

Primary Page: http://www.pwnthis.net/search/label/Slotomania
Frame ID: 4C96003958AE04EB38EDBF533163BE87
Requests: 49 HTTP requests in this frame

Frame: https://www.youtube.com/embed/xo2zeK1NQXo
Frame ID: E38EF8A33B2A3A3595CA47232DC4CA47
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20190617/r20190131/show_ads_impl.js
Frame ID: 6D302AB0347352E2C68773728552AB68
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190617/r20190131/zrt_lookup.html
Frame ID: AB287D653D0F1CD149FD9CF81BE5956F
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=3867102894804831668&blogName=PWNTHIS&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLACK&layoutType=LAYOUTS&searchRoot=http://www.pwnthis.net/search&blogLocale=en&v=2&homepageUrl=http://www.pwnthis.net/&vt=-8158558199473928814&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.naXRhtwohDo.O%2Fam%3DwQE%2Fd%3D1%2Frs%3DAGLTcCNpTisN1K0yb42y97daiPInZaZD7g%2Fm%3D__features__
Frame ID: 153801387D6783EC6FB9DBD158720C8E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3090693951005014&output=html&h=250&slotname=6001321194&adk=140015663&adf=83885205&w=300&lmt=1528958665&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&flash=0&avail_w=0&wgl=1&adsid=NT&dt=1561362300890&bpp=22&bdt=764&fdt=130&idt=130&shv=r20190617&cbv=r20190131&saldr=aa&abxe=1&correlator=6039146698243&frm=20&pv=2&ga_vid=1856970383.1561362301&ga_sid=1561362301&ga_hid=824463618&ga_fc=1&iag=0&icsg=549756504576&dssz=33&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=324&ady=206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.o4qhhwbhdzqd&fsb=1&xpc=DOnoOvn512&p=http%3A//www.pwnthis.net&dtd=150
Frame ID: 0A720937E0EF65AABDD89C6F177048EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3090693951005014&output=html&h=250&slotname=6001321194&adk=140015663&adf=1207257747&w=300&lmt=1528958665&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&flash=0&avail_w=0&wgl=1&adsid=NT&dt=1561362300913&bpp=12&bdt=788&fdt=143&idt=143&shv=r20190617&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250&correlator=6039146698243&frm=20&pv=1&ga_vid=1856970383.1561362301&ga_sid=1561362301&ga_hid=824463618&ga_fc=1&iag=0&icsg=9345849526784&dssz=34&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=626&ady=206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=2.uojcgxz6elas&fsb=1&xpc=1jLRxT2DTT&p=http%3A//www.pwnthis.net&dtd=147
Frame ID: AA8C935D85E9025E443717CA20099CD5
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 3BD43EE6182759FB9D387F132EE0486D
Requests: 1 HTTP requests in this frame

Frame: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=547496&ct=128071&cwod=&epid=&esid=&ccid=&wp=0&cf=300X250&asv=30&eid=&rq=1&dw=1600&cwu=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&cwr=&mrnd=37861188&if=0&tl=1&pxy=959,305&cxy=1600,1200&dxy=1600,177&tz=0&ln=en-US&acid=pp_ad_container_0
Frame ID: 47BF389030F99CF7A6C766D6BC179F9C
Requests: 12 HTTP requests in this frame

Frame: http://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=547496&ct=128609&cwod=&epid=&esid=&ccid=&wp=0&cf=160X600&asv=30&eid=&rq=1&dw=1600&cwu=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&cwr=&mrnd=23235507&if=0&tl=2&pxy=1117,562&cxy=1600,1200&dxy=1600,177&tz=0&ln=en-US&acid=pp_ad_container_1
Frame ID: E749CB698E2609445C96A7526F462AD8
Requests: 11 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d753e00c3e838c1b2558149bd3f6ecb8.html?origin=http%3A%2F%2Fwww.pwnthis.net
Frame ID: F98A57EDDD34716600D12DC8F3067FBD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3090693951005014&output=html&adk=1812271804&adf=3025194257&lmt=1528958665&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&npa=1&guci=1.2.0.0.2.1.0.0&format=0x0&url=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1561362301258&bpp=13&bdt=1132&fdt=14&idt=15&shv=r20190617&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=6039146698243&frm=20&pv=1&ga_vid=1856970383.1561362301&ga_sid=1561362301&ga_hid=824463618&ga_fc=1&iag=0&icsg=45139099660&dssz=45&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=2&uci=2.jgoz9pobxuxe&fsb=1&dtd=20
Frame ID: B4BC87CA8916E0C095115D2354466DF5
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 09FC69E8FCAE913E1854687D6256D722
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=tall&hl=en-US&origin=http%3A%2F%2Fwww.pwnthis.net&url=http%3A%2F%2Fwww.pwnthis.net%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.naXRhtwohDo.O%2Fam%3DwQE%2Fd%3D1%2Frs%3DAGLTcCNpTisN1K0yb42y97daiPInZaZD7g%2Fm%3D__features__
Frame ID: 117D524EB273FBE34510DE3D8AF7289F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=207630375915744&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df399ea594d51a54%26domain%3Dwww.pwnthis.net%26origin%3Dhttp%253A%252F%252Fwww.pwnthis.net%252Fff09a386f0b494%26relation%3Dparent.parent&container_width=0&font=verdana&href=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&layout=box_count&locale=en_US&sdk=joey&send=false&show_faces=false
Frame ID: 19D0A77F6B2E94D468B7825CC5315B6B
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.pwnthis.net&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.naXRhtwohDo.O%2Fam%3DwQE%2Fd%3D1%2Frs%3DAGLTcCNpTisN1K0yb42y97daiPInZaZD7g%2Fm%3D__features__
Frame ID: 8B5DEDE789308A3C63FBE9CF4BB2C166
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d753e00c3e838c1b2558149bd3f6ecb8.en.html
Frame ID: FE5C4F4EE11D934C46AA74B9A00826CA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

86
Requests

45 %
HTTPS

59 %
IPv6

26
Domains

42
Subdomains

36
IPs

5
Countries

834 kB
Transfer

1858 kB
Size

1
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://www.blogger.com/home
Title: Blogger

Search URL Search Domain Scan URL

URL: http://www.blogger.com/rearrange?blogID=3867102894804831668&widgetType=HTML&widgetId=HTML2&action=editWidget&sectionId=main
Title:

Search URL Search Domain Scan URL

URL: http://www.blogger.com/rearrange?blogID=3867102894804831668&widgetType=HTML&widgetId=HTML9&action=editWidget&sectionId=main
Title:

Search URL Search Domain Scan URL

URL: http://twitter.com/impwnthis
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.facebook.com/pwnthis
Title: Facebook

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/infinitehax
Title: RSS

Search URL Search Domain Scan URL

URL: http://feedburner.google.com/fb/a/mailverify?uri=infinitehax&loc=en_US
Title: Email

Search URL Search Domain Scan URL

URL: http://www.blogger.com/rearrange?blogID=3867102894804831668&widgetType=HTML&widgetId=HTML6&action=editWidget&sectionId=sidebartop
Title:

Search URL Search Domain Scan URL

URL: http://www.blogger.com/rearrange?blogID=3867102894804831668&widgetType=Label&widgetId=Label1&action=editWidget&sectionId=sidebartop
Title:

Search URL Search Domain Scan URL

URL: http://www.blogger.com/rearrange?blogID=3867102894804831668&widgetType=HTML&widgetId=HTML1&action=editWidget&sectionId=sidebartop
Title:

Search URL Search Domain Scan URL

URL: http://www.google.com/chrome
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://apis.google.com/js/plusone.js HTTP 307
https://apis.google.com/js/plusone.js

Request Chain 9

http://go.padstm.com/?id=483196 HTTP 302
http://go.padsdel.com/?id=483196

Request Chain 21

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 25

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 27

http://www.youtube.com/embed/xo2zeK1NQXo HTTP 307
https://www.youtube.com/embed/xo2zeK1NQXo

Request Chain 39

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=710274769&utmhn=www.pwnthis.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=PWNTHIS%3A%20Slotomania%20%7C%20Cheats%2C%20Hacks%20and%20Tips%20for%20Facebook%20Games&utmhid=824463618&utmr=-&utmp=%2Fsearch%2Flabel%2FSlotomania&utmht=1561362300984&utmac=UA-22390598-1&utmcc=__utma%3D250174215.1856970383.1561362301.1561362301.1561362301.1%3B%2B__utmz%3D250174215.1561362301.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1944351815&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=710274769&utmhn=www.pwnthis.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=PWNTHIS%3A%20Slotomania%20%7C%20Cheats%2C%20Hacks%20and%20Tips%20for%20Facebook%20Games&utmhid=824463618&utmr=-&utmp=%2Fsearch%2Flabel%2FSlotomania&utmht=1561362300984&utmac=UA-22390598-1&utmcc=__utma%3D250174215.1856970383.1561362301.1561362301.1561362301.1%3B%2B__utmz%3D250174215.1561362301.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1944351815&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 41

https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_tc= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEBwjl8Fj_tOu9BTNirOcmTs&google_cver=1

Request Chain 56

https://dpm.demdex.net/ibs:dpid=96678&dpuuid=QcI2apbscy2Y HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=QcI2apbscy2Y

Request Chain 61

https://www.facebook.com/connect/ping?client_id=207630375915744&domain=www.pwnthis.net&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2d586511b7e2e8%26domain%3Dwww.pwnthis.net%26origin%3Dhttp%253A%252F%252Fwww.pwnthis.net%252Fff09a386f0b494%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey HTTP 302
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Request Chain 68

http://dpm.demdex.net/ibs:dpid=96678&dpuuid=on2erhYETGmD HTTP 302
http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=on2erhYETGmD

86 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Slotomania Show response
www.pwnthis.net/search/label/ 96 KB
20 KB 293ms
286ms Document
text/html 2a00:1450:4001:81e::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

2073b6cd0859f58565e8f808db2a851ba64d0efe5904c8305a50b14705c14364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.pwnthis.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: text/html; charset=UTF-8
Expires: Mon, 24 Jun 2019 07:45:00 GMT
Date: Mon, 24 Jun 2019 07:45:00 GMT
Cache-Control: private, max-age=0
Last-Modified: Thu, 14 Jun 2018 06:44:25 GMT
ETag: W/"18117eaa889e68459898b08eaf13f5ddc183e1494e928d4fc25d0c09c540a2f3"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 19957
Server: GSE

GET
H2 200 2549344219-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 31 KB
7 KB 9ms
7ms Stylesheet
text/css 2a00:1450:4001:81a::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2549344219-widget_css_bundle.css

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d539a910089008f073b426d44a496f1952ba01b9ff018425c18d21bea42aa128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 01 Jun 2019 04:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 31 May 2019 14:28:49 GMT
server: sffe
age: 1997459
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 6822
x-xss-protection: 0
expires: Sun, 31 May 2020 04:54:01 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:81d::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 31 May 2019 04:24:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 2085651
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 32954
X-XSS-Protection: 0
Expires: Sat, 30 May 2020 04:24:09 GMT

GET
H/1.1 404
Not Found kliptu-ad.js
www.kliptu.com/demo/buysellads/assets/js/ 0
0 658ms
238ms Script
text/html 209.99.16.15
PDR

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kliptu.com/demo/buysellads/assets/js/kliptu-ad.js
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: , ,
Server: 209.99.16.15 Austin, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY - PDR, US),
Reverse DNS: cp-41.webhostbox.net
Software: /
Resource Hash

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2

200

plusone.js Show response
apis.google.com/js/
Redirect Chain

http://apis.google.com/js/plusone.js
https://apis.google.com/js/plusone.js

43 KB
17 KB

37ms
33ms

Script
application/javascript

2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

675eec2f14f92e7ec8fdc487ff3e14a3bce6d3550fc5f2cf7553d2cd38da3f4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 07:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-YhmVLSK8p7bUKl04YDpaGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "39de64dbfdd8b5e63ce78dd740d980c7"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Mon, 24 Jun 2019 07:45:00 GMT

Redirect headers

Location: https://apis.google.com/js/plusone.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 93 KB
93 KB 31ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: , ,
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40EA) /
Resource Hash: 0870a4508bc178306a11ed2b23e17d129226ebc2de988534d82324ff915cf9a6

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:00 GMT
Last-Modified: Wed, 05 Jun 2019 16:50:27 GMT
Server: ECS (fcn/40EA)
Etag: "c0ccc06d58626dbfe4c4102bca9dfe9c"
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 95170

GET
H2 200 plusone.js Show response
apis.google.com/js/ 43 KB
17 KB 43ms
34ms Script
application/javascript 2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

675eec2f14f92e7ec8fdc487ff3e14a3bce6d3550fc5f2cf7553d2cd38da3f4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 07:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-uU9RGHW3L5aMao6QnU9LOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "39de64dbfdd8b5e63ce78dd740d980c7"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Mon, 24 Jun 2019 07:45:00 GMT

GET
H/1.1 200
OK pwnthis.png
2.bp.blogspot.com/-iz0gWS48FzA/UCYPDAy1wQI/AAAAAAAABHY/9Ony-tdyouE/s1600/ 16 KB
16 KB 35ms
21ms Image
image/png 2a00:1450:4001:806::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-iz0gWS48FzA/UCYPDAy1wQI/AAAAAAAABHY/9Ony-tdyouE/s1600/pwnthis.png

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

9c8604e0fb6db5384ded555402216456ff70e17e242c8b54035c157c44eba3f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:00 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v476"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pwnthis.png"
Timing-Allow-Origin: *
Content-Length: 16015
X-XSS-Protection: 0
Expires: Sun, 23 Jun 2019 00:01:26 GMT

GET
H/1.1 200
OK search_button.png
1.bp.blogspot.com/_b8IA1ajBJG8/TOnmnDGC7II/AAAAAAAABx4/WwjtVUUD78M/s1600/ 1 KB
2 KB 59ms
15ms Image
image/png 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/_b8IA1ajBJG8/TOnmnDGC7II/AAAAAAAABx4/WwjtVUUD78M/s1600/search_button.png

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

d7f0e2bfc2c0cd54c6bfeec7780e7aa3d2a8eb1324228e719c947dff4751cde1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:00 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v71e"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="search_button.png"
Timing-Allow-Origin: *
Content-Length: 1277
X-XSS-Protection: 0
Expires: Wed, 19 Jun 2019 20:27:13 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 90 KB
34 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

55e8d40f6a1ee5b6df964b4ebcb378fcff6ca1a96c062a1d54b7b982567a5036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 5571157648659556412
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 34137
X-XSS-Protection: 0
Expires: Mon, 24 Jun 2019 07:45:00 GMT

GET
H/1.1

204
No Content

/ Show response
go.padsdel.com/
Redirect Chain

http://go.padstm.com/?id=483196
http://go.padsdel.com/?id=483196

0
0

49ms
22ms

Script
text/html

194.187.98.131
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://go.padsdel.com/?id=483196
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: , ,
Server: 194.187.98.131 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Date: Mon, 24 Jun 2019 07:45:00 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: text/html
Location: http://go.padsdel.com/?id=483196
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 154

GET
H/1.1 200
OK ttj Show response
go.adversal.com/ 2 KB
2 KB 293ms
133ms Script
text/plain 67.192.42.10
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: http://go.adversal.com/ttj?id=1248820&size=300x250&promo_sizes=250x250,200x200,180x150&promo_alignment=center
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: , ,
Server: 67.192.42.10 San Antonio, United States, ASN33070 (RMH-14 - Rackspace Hosting, US),
Reverse DNS
Software: Apache /
Resource Hash: 2090fbcdebbb13c1f0bc60e0749ddd513b8d69e88770b718f7d9da2439b20c5b

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Jun 2019 07:45:00 GMT
Last-Modified: Thu, 30 Aug 2018 14:27:31 GMT
Server: Apache
ETag: "7e0016-77d-574a7e01a8acc"
Content-Type: text/plain; charset=UTF-8
Cache-Control: no-cache, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
Connection: close
Accept-Ranges: bytes
Content-Length: 1917
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
539 B 6ms
5ms Image
image/png 2a00:1450:4001:81b::2009
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Jun 2019 23:28:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Jun 2019 16:29:39 GMT
server: sffe
age: 288962
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 475
x-xss-protection: 0
expires: Thu, 27 Jun 2019 23:28:58 GMT

GET
H/1.1 200
OK Untitled-3.jpg
3.bp.blogspot.com/-250i8ZiARno/T7z_qfnr39I/AAAAAAAAA3U/gTxroZk5Yes/s1600/ 19 KB
20 KB 343ms
319ms Image
image/jpeg 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-250i8ZiARno/T7z_qfnr39I/AAAAAAAAA3U/gTxroZk5Yes/s1600/Untitled-3.jpg

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

00814de5553816cf84b97a0badd5e9550a33455b3d5b75f0b73b28c9f15bcec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:01 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v375"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Untitled-3.jpg"
Timing-Allow-Origin: *
Content-Length: 19770
X-XSS-Protection: 0
Expires: Tue, 25 Jun 2019 07:45:01 GMT

GET
H2 200 getjs.aspx Show response
tag.contextweb.com/TagPublish/ 1 KB
1 KB 87ms
22ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=300X250&cwpid=547496&cwwidth=300&cwheight=250&cwpnet=1&cwtagid=128071
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: b58b9fc86a2d745c752b33f27b67a8c4341d33c9928d85d08fd275c3e5bf2b0a

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 07:44:59 GMT
content-encoding: gzip
server: envoy
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: no-cache, no-store
x-envoy-upstream-service-time: 3
content-type: application/x-javascript
content-length: 727

GET
H/1.1 200
OK t Show response
ads.qadservice.com/ 0
0 237ms
104ms Script
text/html 52.205.146.202
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.qadservice.com/t?id=1d2c9622-8ea4-4065-ae50-650b0b11978a&size=728x90
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: , ,
Server: 52.205.146.202 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-205-146-202.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK getjs.aspx Show response
tag.contextweb.com/TagPublish/ 1 KB
1 KB 39ms
20ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=160X600&cwpid=547496&cwwidth=160&cwheight=600&cwpnet=1&cwtagid=128609
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: , ,
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: fc2506463ee7767edd50f6966ef07a193b0bc89cc115f77dc095e867f3e28d39

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 07:45:00 GMT
content-encoding: gzip
server: envoy
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: no-cache, no-store
x-envoy-upstream-service-time: 2
content-type: application/x-javascript
content-length: 727

GET
H/1.1 200
OK ttj Show response
go.adversal.com/ 2 KB
2 KB 260ms
130ms Script
text/plain 67.192.42.10
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: http://go.adversal.com/ttj?id=1248820&size=160x600&promo_sizes=120x600&promo_alignment=center
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: , ,
Server: 67.192.42.10 San Antonio, United States, ASN33070 (RMH-14 - Rackspace Hosting, US),
Reverse DNS
Software: Apache /
Resource Hash: 2090fbcdebbb13c1f0bc60e0749ddd513b8d69e88770b718f7d9da2439b20c5b

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Jun 2019 07:45:00 GMT
Last-Modified: Thu, 30 Aug 2018 14:27:31 GMT
Server: Apache
ETag: "7e0016-77d-574a7e01a8acc"
Content-Type: text/plain; charset=UTF-8
Cache-Control: no-cache, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
Connection: close
Accept-Ranges: bytes
Content-Length: 1917
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found pagenumbers.js
bplugins.googlecode.com/files/ 0
0 43ms
14ms Script
text/html 2a00:1450:400c:c0c::52
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://bplugins.googlecode.com/files/pagenumbers.js
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: , ,
Server: 2a00:1450:400c:c0c::52 Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK cookienotice.js Show response
www.pwnthis.net/js/ 6 KB
2 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:81e::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.pwnthis.net/js/cookienotice.js

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:81e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 24 Jun 2019 04:15:42 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 0
Expires: Mon, 01 Jul 2019 07:45:00 GMT

GET
H2 200 4078559275-widgets.js Show response
www.blogger.com/static/v1/widgets/ 148 KB
54 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81a::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/4078559275-widgets.js

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c9a2e79465162fc19dbb8053c7aff236e46dad9b642aa73e2e49ee328b3918c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 00:38:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 Jun 2019 23:25:32 GMT
server: sffe
age: 889577
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 55442
x-xss-protection: 0
expires: Sat, 13 Jun 2020 00:38:43 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.naXRhtwohDo.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNpTisN1K0yb42y97daiPInZaZD7g/ 137 KB
49 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.naXRhtwohDo.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNpTisN1K0yb42y97daiPInZaZD7g/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

265fe1b54696335815ab023d04cda0e32678176e8ea01826ee9feb1c77615f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Jun 2019 18:00:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Jun 2019 23:48:08 GMT
server: sffe
age: 222250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 49768
x-xss-protection: 0
expires: Sat, 20 Jun 2020 18:00:50 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 May 2019 23:53:44 GMT
server: Golfe2
age: 437
date: Mon, 24 Jun 2019 07:37:43 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17168
expires: Mon, 24 Jun 2019 09:37:43 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
114 B 119ms
117ms Stylesheet
text/css 2a00:1450:4001:81a::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3867102894804831668&zx=38287843-fbc0-42f9-8322-92c28cc94b0a

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 24 Jun 2019 07:45:00 GMT
server: GSE
date: Mon, 24 Jun 2019 07:45:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.naXRhtwohDo.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNpTisN1K0yb42y97daiPInZaZD7g/ 53 KB
17 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.naXRhtwohDo.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNpTisN1K0yb42y97daiPInZaZD7g/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

270910e368e3e8eaf6b7292f9950778cb4cb1fb81093abdbbc8247449f15d265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Jun 2019 18:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Jun 2019 23:48:08 GMT
server: sffe
age: 221746
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17560
x-xss-protection: 0
expires: Sat, 20 Jun 2020 18:09:14 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
615 B 8ms
6ms Script
text/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 14 Jun 2019 02:34:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
Age: 882653
ETag: 13036835877489095579
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: public, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 67
X-XSS-Protection: 0
Expires: Fri, 28 Jun 2019 02:34:07 GMT

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

11ms
10ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

d04e70ca63e0d87f413eaf81a3adf7af3bba11367f3f4369f6a211c8b6be537f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 5NYB2LwO8CNo08dxjZQCGw==
status: 200
date: Mon, 24 Jun 2019 07:45:00 GMT
vary: Accept-Encoding
content-length: 1780
x-fb-debug: SlTryT84MesP3T2hr/VpPMZW8/vVktqKMge4lCMFVYTay4xjL5IdvQ9fLP1oqBp0IFMi0ScqdW87b/s+lCEJgg==
x-fb-trip-id: 660048238
x-fb-content-md5: 72c79b48110aaf46d781de9d67fc1a72
etag: "a588340e1d26495cb26813dbd387fe2e"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 24 Jun 2019 07:47:28 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js#xfbml=1&appId=207630375915744
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK as Show response
go.adversal.com/ 75 KB
75 KB 266ms
130ms Script
text/plain 67.192.42.10
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: http://go.adversal.com/as?id=1248820&size=300x250&promo_sizes=250x250,200x200,180x150&promo_alignment=center&v=2
Requested by: Host: go.adversal.com
URL: http://go.adversal.com/ttj?id=1248820&size=300x250&promo_sizes=250x250,200x200,180x150&promo_alignment=center
Protocol: HTTP/1.1
Security: , ,
Server: 67.192.42.10 San Antonio, United States, ASN33070 (RMH-14 - Rackspace Hosting, US),
Reverse DNS
Software: Apache /
Resource Hash: 689b025d6053c65333dfda274577b96c7042f66043fa1bd3954eed1be736d772

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Jun 2019 07:45:01 GMT
Last-Modified: Mon, 06 May 2019 15:08:52 GMT
Server: Apache
ETag: "7e004d-12bf5-588397a6e55c6"
Content-Type: text/plain; charset=UTF-8
Cache-Control: no-cache, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
Connection: close
Accept-Ranges: bytes
Content-Length: 76789
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET

xo2zeK1NQXo
www.youtube.com/embed/ Frame E38E
Redirect Chain

http://www.youtube.com/embed/xo2zeK1NQXo
https://www.youtube.com/embed/xo2zeK1NQXo

0
0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.pwnthis.net

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 07:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pwnthis.net

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 07:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H/1.1 200
OK icontime.gif
3.bp.blogspot.com/_ubwIhqPcR6M/TIZYc9FH9JI/AAAAAAAAA9U/maYyFzJjeOY/s1600/ 631 B
1 KB 13ms
7ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/_ubwIhqPcR6M/TIZYc9FH9JI/AAAAAAAAA9U/maYyFzJjeOY/s1600/icontime.gif

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

bb72ea15d1c2a397bff55af91b566de7f15c62e97cead113597592b9893d3df1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:28:59 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 961
ETag: "v3d5"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="icontime.png"
Timing-Allow-Origin: *
Content-Length: 631
X-XSS-Protection: 0
Expires: Mon, 24 Jun 2019 13:58:55 GMT

GET
H/1.1 200
OK twitter1.png
1.bp.blogspot.com/_ubwIhqPcR6M/TIZZDKoUuUI/AAAAAAAAA9k/5tMMs9lM198/s1600/ 2 KB
2 KB 22ms
16ms Image
image/png 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/_ubwIhqPcR6M/TIZZDKoUuUI/AAAAAAAAA9k/5tMMs9lM198/s1600/twitter1.png

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

664f5a1471a1147e2f6c3faa8818d723610048bf169da33b49aa0cdbb0f1c135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:00 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v3d9"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="twitter1.png"
Timing-Allow-Origin: *
Content-Length: 2013
X-XSS-Protection: 0
Expires: Mon, 24 Jun 2019 00:51:17 GMT

GET
H/1.1 200
OK facebook1.png
4.bp.blogspot.com/_ubwIhqPcR6M/TIZZXPQXpOI/AAAAAAAAA9s/eUtxrhfsQnw/s1600/ 2 KB
2 KB 34ms
6ms Image
image/png 2a00:1450:4001:818::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/_ubwIhqPcR6M/TIZZXPQXpOI/AAAAAAAAA9s/eUtxrhfsQnw/s1600/facebook1.png

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

7eaa6c54946e1b8598d1b3fa968b99821e963bc1ac4c1c16405dbee514751309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:09:41 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 2119
ETag: "v3db"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="facebook1.png"
Timing-Allow-Origin: *
Content-Length: 1648
X-XSS-Protection: 0
Expires: Mon, 24 Jun 2019 00:51:17 GMT

GET
H/1.1 200
OK rss1.png
4.bp.blogspot.com/_ubwIhqPcR6M/TIZZpMLXofI/AAAAAAAAA90/38UW2P6muCw/s1600/ 2 KB
3 KB 34ms
6ms Image
image/png 2a00:1450:4001:818::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/_ubwIhqPcR6M/TIZZpMLXofI/AAAAAAAAA90/38UW2P6muCw/s1600/rss1.png

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

9a26b7a04b54ee7d8dc27d564a5513e982f0cd2567583c8071190250c804ed2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:09:41 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 2119
ETag: "v3dd"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="rss1.png"
Timing-Allow-Origin: *
Content-Length: 2165
X-XSS-Protection: 0
Expires: Mon, 24 Jun 2019 00:51:17 GMT

GET
H/1.1 200
OK email.png
3.bp.blogspot.com/_ubwIhqPcR6M/TIZZ2uMQeWI/AAAAAAAAA98/Rl3vTdU58gU/s1600/ 2 KB
3 KB 16ms
8ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/_ubwIhqPcR6M/TIZZ2uMQeWI/AAAAAAAAA98/Rl3vTdU58gU/s1600/email.png

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

ff04606727a3a5fdf09a1f57a2d35a154aa6ce5244fa10a5d1b3ac1eed4b6252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:09:41 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 2119
ETag: "v3df"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="email.png"
Timing-Allow-Origin: *
Content-Length: 2409
X-XSS-Protection: 0
Expires: Mon, 24 Jun 2019 23:55:56 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190617/r20190131/ 211 KB
79 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20190617/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

bc647c5406745d8548d90c846552faa6c50d5055b2fe5c5f1bde696d6787cbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 2631350778418321060
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 79885
X-XSS-Protection: 0
Expires: Mon, 24 Jun 2019 07:45:00 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190617/r20190131/ Frame 6D30 211 KB
79 KB 35ms
25ms Script
text/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20190617/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

bc647c5406745d8548d90c846552faa6c50d5055b2fe5c5f1bde696d6787cbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 2631350778418321060
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 79885
X-XSS-Protection: 0
Expires: Mon, 24 Jun 2019 07:45:00 GMT

GET
H2 200 ca-pub-3090693951005014.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 108 B
223 B 109ms
108ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-3090693951005014.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

617229202229089622770a111fef4f514877475b89056525185a70e0cbc5bc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 07:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 23 Jun 2019 20:46:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 118
x-xss-protection: 0
expires: Mon, 24 Jun 2019 19:45:00 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190617/r20190131/ Frame AB28 0
0 7ms
6ms Document
text/html 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190617/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190617/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://www.pwnthis.net/search/label/Slotomania
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 17 Jun 2019 13:54:36 GMT
expires: Mon, 01 Jul 2019 13:54:36 GMT
content-type: text/html; charset=UTF-8
etag: 9107516332936589630
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7041
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 582624
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=710274769&utmhn=www.pwnthis.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=PWNTHI...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=710274769&utmhn=www.pwnthis.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=PWNTH...

35 B
111 B

18ms
17ms

Image
image/gif

2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=710274769&utmhn=www.pwnthis.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=PWNTHIS%3A%20Slotomania%20%7C%20Cheats%2C%20Hacks%20and%20Tips%20for%20Facebook%20Games&utmhid=824463618&utmr=-&utmp=%2Fsearch%2Flabel%2FSlotomania&utmht=1561362300984&utmac=UA-22390598-1&utmcc=__utma%3D250174215.1856970383.1561362301.1561362301.1561362301.1%3B%2B__utmz%3D250174215.1561362301.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1944351815&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jun 2019 07:45:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=710274769&utmhn=www.pwnthis.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=PWNTHIS%3A%20Slotomania%20%7C%20Cheats%2C%20Hacks%20and%20Tips%20for%20Facebook%20Games&utmhid=824463618&utmr=-&utmp=%2Fsearch%2Flabel%2FSlotomania&utmht=1561362300984&utmac=UA-22390598-1&utmcc=__utma%3D250174215.1856970383.1561362301.1561362301.1561362301.1%3B%2B__utmz%3D250174215.1561362301.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1944351815&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H2 200 navbar.g
www.blogger.com/ Frame 1538 0
0 588ms
582ms Document
text/html 2a00:1450:4001:81a::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=3867102894804831668&blogName=PWNTHIS&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLACK&layoutType=LAYOUTS&searchRoot=http://www.pwnthis.net/search&blogLocale=en&v=2&homepageUrl=http://www.pwnthis.net/&vt=-8158558199473928814&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.naXRhtwohDo.O%2Fam%3DwQE%2Fd%3D1%2Frs%3DAGLTcCNpTisN1K0yb42y97daiPInZaZD7g%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.naXRhtwohDo.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNpTisN1K0yb42y97daiPInZaZD7g/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /navbar.g?targetBlogID=3867102894804831668&blogName=PWNTHIS&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLACK&layoutType=LAYOUTS&searchRoot=http://www.pwnthis.net/search&blogLocale=en&v=2&homepageUrl=http://www.pwnthis.net/&vt=-8158558199473928814&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.naXRhtwohDo.O%2Fam%3DwQE%2Fd%3D1%2Frs%3DAGLTcCNpTisN1K0yb42y97daiPInZaZD7g%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://www.pwnthis.net/search/label/Slotomania
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

status: 200
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 24 Jun 2019 07:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2578
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H/1.1

200
OK

rtset Show response
bh.contextweb.com/bh/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_tc=
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEBwjl8Fj_tOu9BTNirOcmTs&google_cver=1

0
594 B

64ms
20ms

Script
application/x-javascript

151.101.0.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEBwjl8Fj_tOu9BTNirOcmTs&google_cver=1
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.166 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.7.v20170914) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:01 GMT
Via: 1.1 varnish
X-Cache: MISS
P3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection: keep-alive
Content-Length: 0
X-Served-By: cache-fra19133-FRA
Server: Jetty(9.4.7.v20170914)
Vary: Accept-Encoding
Content-Language: en
Expires: -1
Cache-Control: private, max-age=0, no-cache, no-store
Accept-Ranges: bytes
Content-Type: application/x-javascript;charset=iso-8859-1
Cw-Server: bh-deployment-6fcd67557-k6qkx
X-Cache-Hits: 0

Redirect headers

pragma: no-cache
date: Mon, 24 Jun 2019 07:45:01 GMT
server: HTTP server (unknown)
location: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEBwjl8Fj_tOu9BTNirOcmTs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getjs.static.js Show response
tag-st.contextweb.com/TagPublish/ 32 KB
33 KB 45ms
7ms Script
application/x-javascript 151.101.0.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-st.contextweb.com/TagPublish/getjs.static.js?v=30
Requested by: Host: tag.contextweb.com
URL: https://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=300X250&cwpid=547496&cwwidth=300&cwheight=250&cwpnet=1&cwtagid=128071
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.166 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: envoy /
Resource Hash: bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 24 Jun 2019 07:45:01 GMT
Via: 1.1 varnish
Age: 244
X-Cache: HIT
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
x-envoy-upstream-service-time: 2
Connection: keep-alive
Content-Length: 33021
X-Served-By: cache-fra19170-FRA
server: envoy
X-Timer: S1561362301.046206,VS0,VE0
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
content-type: application/x-javascript
cache-control: max-age=432000, public
Accept-Ranges: bytes
X-Cache-Hits: 5

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
114 B 717ms
715ms Stylesheet
text/css 2a00:1450:4001:81a::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3867102894804831668&zx=38287843-fbc0-42f9-8322-92c28cc94b0a

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 24 Jun 2019 07:45:01 GMT
server: GSE
date: Mon, 24 Jun 2019 07:45:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 190 KB
57 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=810a7290bc4c60c4bd226b13f68a425f&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

135153f77c703ebbd48c85adbe358f46fe357137fc0c2467bc2ba2ce71348b9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania
Origin: http://www.pwnthis.net

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: p6tKuxWhCmmfw5TF3M9zuw==
status: 200
date: Mon, 24 Jun 2019 07:45:01 GMT
vary: Accept-Encoding
content-length: 57383
x-fb-debug: U01IM1NiEgYBiTbgq2ZHK5+abROD/0Q7BLoS/u3sBxbZ1gvfS3kvdl6k3KdxLsdpA0xU/DN2ST1BbeZTlVNrmw==
x-fb-trip-id: 660048238
x-fb-content-md5: ac093b6df97b62265f04bc6d678cd77a
etag: "4ba1aaa2014fd041605e5cfba79f4aab"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Tue, 23 Jun 2020 06:23:33 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0A72 0
0 100ms
100ms Document
text/html 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3090693951005014&output=html&h=250&slotname=6001321194&adk=140015663&adf=83885205&w=300&lmt=1528958665&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&flash=0&avail_w=0&wgl=1&adsid=NT&dt=1561362300890&bpp=22&bdt=764&fdt=130&idt=130&shv=r20190617&cbv=r20190131&saldr=aa&abxe=1&correlator=6039146698243&frm=20&pv=2&ga_vid=1856970383.1561362301&ga_sid=1561362301&ga_hid=824463618&ga_fc=1&iag=0&icsg=549756504576&dssz=33&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=324&ady=206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.o4qhhwbhdzqd&fsb=1&xpc=DOnoOvn512&p=http%3A//www.pwnthis.net&dtd=150

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190617/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3090693951005014&output=html&h=250&slotname=6001321194&adk=140015663&adf=83885205&w=300&lmt=1528958665&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&flash=0&avail_w=0&wgl=1&adsid=NT&dt=1561362300890&bpp=22&bdt=764&fdt=130&idt=130&shv=r20190617&cbv=r20190131&saldr=aa&abxe=1&correlator=6039146698243&frm=20&pv=2&ga_vid=1856970383.1561362301&ga_sid=1561362301&ga_hid=824463618&ga_fc=1&iag=0&icsg=549756504576&dssz=33&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=324&ady=206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.o4qhhwbhdzqd&fsb=1&xpc=DOnoOvn512&p=http%3A//www.pwnthis.net&dtd=150
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://www.pwnthis.net/search/label/Slotomania
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 24 Jun 2019 07:45:01 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUmh4Jsa5d6TBTLmAlfi4ng8bb6rjXFVa09Z5V750JSKrVC5nRMOJh6mOhSU; expires=Sat, 18-Jul-2020 07:45:01 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires: Mon, 24 Jun 2019 07:45:01 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 75 KB
28 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190617/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7cec930c8706e25c7dddb1c12ebae9580ae10207817d7ff122600e6dae6ec10d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 07:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1561115551053641"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28356
x-xss-protection: 0
expires: Mon, 24 Jun 2019 07:45:01 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame AA8C 0
0 96ms
95ms Document
text/html 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3090693951005014&output=html&h=250&slotname=6001321194&adk=140015663&adf=1207257747&w=300&lmt=1528958665&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&flash=0&avail_w=0&wgl=1&adsid=NT&dt=1561362300913&bpp=12&bdt=788&fdt=143&idt=143&shv=r20190617&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250&correlator=6039146698243&frm=20&pv=1&ga_vid=1856970383.1561362301&ga_sid=1561362301&ga_hid=824463618&ga_fc=1&iag=0&icsg=9345849526784&dssz=34&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=626&ady=206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=2.uojcgxz6elas&fsb=1&xpc=1jLRxT2DTT&p=http%3A//www.pwnthis.net&dtd=147

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190617/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3090693951005014&output=html&h=250&slotname=6001321194&adk=140015663&adf=1207257747&w=300&lmt=1528958665&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&flash=0&avail_w=0&wgl=1&adsid=NT&dt=1561362300913&bpp=12&bdt=788&fdt=143&idt=143&shv=r20190617&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250&correlator=6039146698243&frm=20&pv=1&ga_vid=1856970383.1561362301&ga_sid=1561362301&ga_hid=824463618&ga_fc=1&iag=0&icsg=9345849526784&dssz=34&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=626&ady=206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=2.uojcgxz6elas&fsb=1&xpc=1jLRxT2DTT&p=http%3A//www.pwnthis.net&dtd=147
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://www.pwnthis.net/search/label/Slotomania
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 24 Jun 2019 07:45:01 GMT
server: cafe
content-length: 206
x-xss-protection: 0
set-cookie: IDE=AHWqTUmFcH5qdZ1X01rfHZyKvMaSyeEMiWtw6McJ3V6YoTrbRsBJYbKgJNVpGywr; expires=Sat, 18-Jul-2020 07:45:01 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires: Mon, 24 Jun 2019 07:45:01 GMT
cache-control: private

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 3BD4 0
0 32ms
6ms Document
text/html 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=810a7290bc4c60c4bd226b13f68a425f&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://www.pwnthis.net/search/label/Slotomania
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Sat, 20 Jun 2020 20:57:45 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: 7pkCJ1XmYOOrlY7sFhicNvtGlO12wg9jdkIFCNMSQ1ophDIfcY7A2HzcuW/LQl+H0+vO2p4Tvtf3HRxts2RINg==
content-length: 11197
x-fb-trip-id: 660048238
date: Mon, 24 Jun 2019 07:45:01 GMT

GET
H/1.1 404
Not Found pagenumbers.js
bplugins.googlecode.com/files/ 0
0 28ms
14ms Script
text/html 2a00:1450:400c:c0c::52
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://bplugins.googlecode.com/files/pagenumbers.js
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: , ,
Server: 2a00:1450:400c:c0c::52 Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 GetAd.aspx Show response
ams-ads.contextweb.com/TagPublish/ Frame 47BF 4 KB
2 KB 46ms
22ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=547496&ct=128071&cwod=&epid=&esid=&ccid=&wp=0&cf=300X250&asv=30&eid=&rq=1&dw=1600&cwu=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&cwr=&mrnd=37861188&if=0&tl=1&pxy=959,305&cxy=1600,1200&dxy=1600,177&tz=0&ln=en-US&acid=pp_ad_container_0
Requested by: Host: tag-st.contextweb.com
URL: https://tag-st.contextweb.com/TagPublish/getjs.static.js?v=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: 9eef818dba8f4725cf3a587dac2a2f5e3f443a34d5a6149c9cc625ca92dba1d0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jun 2019 07:45:00 GMT
content-encoding: gzip
server: envoy
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: private, max-age=0, no-cache, no-store
cwdl: 12/110
x-envoy-upstream-service-time: 3
content-type: application/x-javascript; charset=utf-8
cw-server: TAG-DEPLOYMENT-56955F868-CGD8Q:8080 TAG-DEPLOYMENT-56955F868-CGD8Q:8080
content-length: 1716
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK GetAd.aspx Show response
ams-ads.contextweb.com/TagPublish/ Frame E749 3 KB
2 KB 49ms
19ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=547496&ct=128609&cwod=&epid=&esid=&ccid=&wp=0&cf=160X600&asv=30&eid=&rq=1&dw=1600&cwu=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&cwr=&mrnd=23235507&if=0&tl=2&pxy=1117,562&cxy=1600,1200&dxy=1600,177&tz=0&ln=en-US&acid=pp_ad_container_1
Requested by: Host: tag-st.contextweb.com
URL: https://tag-st.contextweb.com/TagPublish/getjs.static.js?v=30
Protocol: HTTP/1.1
Security: , ,
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e53eb81ffed9865e46ffdfd738234d2ba11ea2fe6d53c54ff397c617d4b2facd

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jun 2019 07:45:00 GMT
content-encoding: gzip
server: envoy
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cwdl: 12/110
x-envoy-upstream-service-time: 1
content-type: application/x-javascript; charset=utf-8
cw-server: TAG-DEPLOYMENT-56955F868-XVNHZ:8080 TAG-DEPLOYMENT-56955F868-XVNHZ:8080
content-length: 1441
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 404
Not Found pagenumbers.js
bplugins.googlecode.com/files/ 0
0 14ms
14ms Script
text/html 2a00:1450:400c:c0c::52
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://bplugins.googlecode.com/files/pagenumbers.js
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: , ,
Server: 2a00:1450:400c:c0c::52 Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET ttj
ads.fidelity-media.com/ Frame 47BF 0
0

GET
H/1.1 200
OK l.gif
pp-m.ns1p.net/a/ Frame 47BF 43 B
351 B 48ms
8ms Image
image/gif 45.77.54.226
Choopa

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pp-m.ns1p.net/a/l.gif?t=XvGyz

Requested by

Host: ams-ads.contextweb.com
URL: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=547496&ct=128071&cwod=&epid=&esid=&ccid=&wp=0&cf=300X250&asv=30&eid=&rq=1&dw=1600&cwu=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&cwr=&mrnd=37861188&if=0&tl=1&pxy=959,305&cxy=1600,1200&dxy=1600,177&tz=0&ln=en-US&acid=pp_ad_container_0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.77.54.226 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA - Choopa, LLC, US),

Reverse DNS

45.77.54.226.vultr.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Jun 2019 07:45:01 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H2 204 400066.gif
idsync.rlcdn.com/ Frame 47BF 0
62 B 153ms
120ms Image
text/plain 34.95.92.78
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/400066.gif?partner_uid=QcI2apbscy2Y&gdpr=1&gdpr_consent=
Requested by: Host: ams-ads.contextweb.com
URL: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=547496&ct=128071&cwod=&epid=&esid=&ccid=&wp=0&cf=300X250&asv=30&eid=&rq=1&dw=1600&cwu=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&cwr=&mrnd=37861188&if=0&tl=1&pxy=959,305&cxy=1600,1200&dxy=1600,177&tz=0&ln=en-US&acid=pp_ad_container_0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.92.78 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 78.92.95.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Mon, 24 Jun 2019 07:45:01 GMT
via: 1.1 google
alt-svc: clear

GET
H/1.1

200
OK

demconf.jpg Show response
dpm.demdex.net/ Frame 47BF
Redirect Chain

https://dpm.demdex.net/ibs:dpid=96678&dpuuid=QcI2apbscy2Y
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=QcI2apbscy2Y

42 B
769 B

36ms
35ms

Script
image/gif

34.246.137.239
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=QcI2apbscy2Y
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.137.239 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-137-239.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v036-00ef52c71.edge-irl1.demdex.com 5.55.1.20190621110006 3ms
Pragma: no-cache
X-TID: hAxlWcyXSTE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
X-TID: w1mIHpqJTic=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=QcI2apbscy2Y
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK viewability.min.js Show response
tag.contextweb.com/TagPublish/viewability/ Frame 47BF 31 KB
10 KB 22ms
20ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.contextweb.com/TagPublish/viewability/viewability.min.js?v=3.2.0
Requested by: Host: ams-ads.contextweb.com
URL: https://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=547496&ct=128071&cwod=&epid=&esid=&ccid=&wp=0&cf=300X250&asv=30&eid=&rq=1&dw=1600&cwu=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&cwr=&mrnd=37861188&if=0&tl=1&pxy=959,305&cxy=1600,1200&dxy=1600,177&tz=0&ln=en-US&acid=pp_ad_container_0
Protocol: HTTP/1.1
Security: , ,
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: c8007825ae248427d1a9c9b41c38bbfd2c381c8311e72828f768a2c4b664558b

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 07:45:01 GMT
content-encoding: gzip
server: envoy
etag: 240c35d56e13fdf0ccffd2e405965486bc0fc8c6
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: max-age=432000, public, must-revalidate
x-envoy-upstream-service-time: 2
content-type: application/x-javascript
content-length: 9842

GET
H/1.1 200
OK widget_iframe.d753e00c3e838c1b2558149bd3f6ecb8.html
platform.twitter.com/widgets/ Frame F98A 0
0 33ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d753e00c3e838c1b2558149bd3f6ecb8.html?origin=http%3A%2F%2Fwww.pwnthis.net
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40FC) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://www.pwnthis.net/search/label/Slotomania
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 24 Jun 2019 07:45:01 GMT
Etag: "7d3f6ed140174a20e7c8be261a70a863"
Last-Modified: Wed, 05 Jun 2019 16:49:09 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40FC)
X-Cache: HIT
Content-Length: 15194

GET
H/1.1 200
OK button.509719336ca39171c37a321231ccaf83.js Show response
platform.twitter.com/js/ 7 KB
7 KB 33ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.509719336ca39171c37a321231ccaf83.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40D2) /
Resource Hash: 748fd5acb7dc8340d5f4d220fc0e181b1a0caa8d532f398e727acbefbb427c7f

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:01 GMT
Last-Modified: Wed, 05 Jun 2019 16:49:01 GMT
Server: ECS (fcn/40D2)
Etag: "b1ab34c2b2497b898d66dafcd50118ea"
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 6910

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame B4BC 0
0 18ms
17ms Document
text/html 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3090693951005014&output=html&adk=1812271804&adf=3025194257&lmt=1528958665&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&npa=1&guci=1.2.0.0.2.1.0.0&format=0x0&url=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1561362301258&bpp=13&bdt=1132&fdt=14&idt=15&shv=r20190617&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=6039146698243&frm=20&pv=1&ga_vid=1856970383.1561362301&ga_sid=1561362301&ga_hid=824463618&ga_fc=1&iag=0&icsg=45139099660&dssz=45&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=2&uci=2.jgoz9pobxuxe&fsb=1&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190617/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3090693951005014&output=html&adk=1812271804&adf=3025194257&lmt=1528958665&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&npa=1&guci=1.2.0.0.2.1.0.0&format=0x0&url=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1561362301258&bpp=13&bdt=1132&fdt=14&idt=15&shv=r20190617&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=6039146698243&frm=20&pv=1&ga_vid=1856970383.1561362301&ga_sid=1561362301&ga_hid=824463618&ga_fc=1&iag=0&icsg=45139099660&dssz=45&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=2&uci=2.jgoz9pobxuxe&fsb=1&dtd=20
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://www.pwnthis.net/search/label/Slotomania
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmFcH5qdZ1X01rfHZyKvMaSyeEMiWtw6McJ3V6YoTrbRsBJYbKgJNVpGywr
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 24 Jun 2019 07:45:01 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2

200

xd_arbiter.php
staticxx.facebook.com/connect/ Frame 09FC
Redirect Chain

https://www.facebook.com/connect/ping?client_id=207630375915744&domain=www.pwnthis.net&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2d...
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

0
0

7ms
6ms

Document
text/html

2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=810a7290bc4c60c4bd226b13f68a425f&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://www.pwnthis.net/search/label/Slotomania
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Sat, 20 Jun 2020 20:57:45 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: 7pkCJ1XmYOOrlY7sFhicNvtGlO12wg9jdkIFCNMSQ1ophDIfcY7A2HzcuW/LQl+H0+vO2p4Tvtf3HRxts2RINg==
content-length: 11197
x-fb-trip-id: 660048238
date: Mon, 24 Jun 2019 07:45:01 GMT

Redirect headers

status: 302
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
location: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44#cb=f2d586511b7e2e8&domain=www.pwnthis.net&origin=http%3A%2F%2Fwww.pwnthis.net%2Fff09a386f0b494&relation=parent&error=unknown_user
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: FVr785V/rav2z/bZSv3t5fisoj00Xv5Pelu/iLud7sM1Xuj7jmYmC9fH0Bvh+RFnt9WL7io/YV+XEpvtiP9JzQ==
content-length: 0
date: Mon, 24 Jun 2019 07:45:01 GMT

GET
H2 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.naXRhtwohDo.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNpTisN1K0yb42y97daiPInZaZD7g/ 75 KB
26 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.naXRhtwohDo.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNpTisN1K0yb42y97daiPInZaZD7g/cb=gapi.loaded_2

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ea97b5a9851a258151238e3d9b75885a9382530ff50fd70a2f99d102ae8041dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Jun 2019 18:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Jun 2019 23:48:08 GMT
server: sffe
age: 221207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 26896
x-xss-protection: 0
expires: Sat, 20 Jun 2020 18:18:14 GMT

GET
H2 404 fastbutton
apis.google.com/se/0/_/+1/ Frame 117D 0
0 27ms
26ms Document
text/html 2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=tall&hl=en-US&origin=http%3A%2F%2Fwww.pwnthis.net&url=http%3A%2F%2Fwww.pwnthis.net%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.naXRhtwohDo.O%2Fam%3DwQE%2Fd%3D1%2Frs%3DAGLTcCNpTisN1K0yb42y97daiPInZaZD7g%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=tall&hl=en-US&origin=http%3A%2F%2Fwww.pwnthis.net&url=http%3A%2F%2Fwww.pwnthis.net%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.naXRhtwohDo.O%2Fam%3DwQE%2Fd%3D1%2Frs%3DAGLTcCNpTisN1K0yb42y97daiPInZaZD7g%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://www.pwnthis.net/search/label/Slotomania
accept-encoding: gzip, deflate, br
cookie: NID=186=Pug96KRxMSuMFAqdo_RPUbmhAePFvXv_fSHG0ato--YHZ0ZSqxNJpGzpyZDS9pOnnsMTSCU-8HhKc2dVXIRB1ChGRB_WKCTOWIRGJcuMnr43rsY9sDRhhR7JMa_5J8mVMFcBlPParS-DPnlu0ItTMiIVinm2lG7XtdSGEgO5h6I
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

status: 404
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 24 Jun 2019 07:45:01 GMT
content-security-policy-report-only: script-src 'report-sample' 'nonce-PVoy9Z3WUMY5S17c5z12jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 19D0 0
0 135ms
132ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=207630375915744&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df399ea594d51a54%26domain%3Dwww.pwnthis.net%26origin%3Dhttp%253A%252F%252Fwww.pwnthis.net%252Fff09a386f0b494%26relation%3Dparent.parent&container_width=0&font=verdana&href=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&layout=box_count&locale=en_US&sdk=joey&send=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=810a7290bc4c60c4bd226b13f68a425f&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=207630375915744&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df399ea594d51a54%26domain%3Dwww.pwnthis.net%26origin%3Dhttp%253A%252F%252Fwww.pwnthis.net%252Fff09a386f0b494%26relation%3Dparent.parent&container_width=0&font=verdana&href=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&layout=box_count&locale=en_US&sdk=joey&send=false&show_faces=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://www.pwnthis.net/search/label/Slotomania
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: khv8rfsDhlmAdwa8dZMMjNshBCm+4GKjvSQHo3PifCOgGGUfmHqdO5fYO2VNZdeOg/s7rLncHFTADLzevjjkBw==
date: Mon, 24 Jun 2019 07:45:01 GMT

GET ttj
ads.fidelity-media.com/ Frame E749 0
0

GET
H/1.1 200
OK l.gif
pp-m.ns1p.net/a/ Frame E749 43 B
351 B 15ms
7ms Image
image/gif 45.77.54.226
Choopa

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pp-m.ns1p.net/a/l.gif?t=JtRY7

Requested by

Host: ams-ads.contextweb.com
URL: http://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=547496&ct=128609&cwod=&epid=&esid=&ccid=&wp=0&cf=160X600&asv=30&eid=&rq=1&dw=1600&cwu=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&cwr=&mrnd=23235507&if=0&tl=2&pxy=1117,562&cxy=1600,1200&dxy=1600,177&tz=0&ln=en-US&acid=pp_ad_container_1

Protocol

HTTP/1.1

Security

, ,

Server

45.77.54.226 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA - Choopa, LLC, US),

Reverse DNS

45.77.54.226.vultr.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Jun 2019 07:45:01 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 204
No Content 400066.gif
idsync.rlcdn.com/ Frame E749 0
81 B 122ms
114ms Image
text/plain 34.95.92.78
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://idsync.rlcdn.com/400066.gif?partner_uid=on2erhYETGmD&gdpr=1&gdpr_consent=
Requested by: Host: ams-ads.contextweb.com
URL: http://ams-ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=547496&ct=128609&cwod=&epid=&esid=&ccid=&wp=0&cf=160X600&asv=30&eid=&rq=1&dw=1600&cwu=http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania&cwr=&mrnd=23235507&if=0&tl=2&pxy=1117,562&cxy=1600,1200&dxy=1600,177&tz=0&ln=en-US&acid=pp_ad_container_1
Protocol: HTTP/1.1
Security: , ,
Server: 34.95.92.78 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 78.92.95.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:01 GMT
Via: 1.1 google

GET
H/1.1

200
OK

demconf.jpg Show response
dpm.demdex.net/ Frame E749
Redirect Chain

http://dpm.demdex.net/ibs:dpid=96678&dpuuid=on2erhYETGmD
http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=on2erhYETGmD

42 B
910 B

35ms
35ms

Script
image/gif

34.246.137.239
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=on2erhYETGmD
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: , ,
Server: 34.246.137.239 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-137-239.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v036-0a7d29319.edge-irl1.demdex.com 5.55.1.20190621110006 3ms
Pragma: no-cache
X-TID: nWRtD9OOTfY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
X-TID: uHMXLIjUQOc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=on2erhYETGmD
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame 8B5D 0
0 79ms
43ms Document
text/html 2a00:1450:4001:81c::200d
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.pwnthis.net&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.naXRhtwohDo.O%2Fam%3DwQE%2Fd%3D1%2Frs%3DAGLTcCNpTisN1K0yb42y97daiPInZaZD7g%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.naXRhtwohDo.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNpTisN1K0yb42y97daiPInZaZD7g/cb=gapi.loaded_2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vUq2H3AGhClgWnl1yWRuJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.pwnthis.net&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.naXRhtwohDo.O%2Fam%3DwQE%2Fd%3D1%2Frs%3DAGLTcCNpTisN1K0yb42y97daiPInZaZD7g%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://www.pwnthis.net/search/label/Slotomania
accept-encoding: gzip, deflate, br
cookie: NID=186=Pug96KRxMSuMFAqdo_RPUbmhAePFvXv_fSHG0ato--YHZ0ZSqxNJpGzpyZDS9pOnnsMTSCU-8HhKc2dVXIRB1ChGRB_WKCTOWIRGJcuMnr43rsY9sDRhhR7JMa_5J8mVMFcBlPParS-DPnlu0ItTMiIVinm2lG7XtdSGEgO5h6I
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 24 Jun 2019 07:45:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-vUq2H3AGhClgWnl1yWRuJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H/1.1 200
OK tweet_button.d753e00c3e838c1b2558149bd3f6ecb8.en.html
platform.twitter.com/widgets/ Frame FE5C 0
0 17ms
17ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.d753e00c3e838c1b2558149bd3f6ecb8.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E9) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://www.pwnthis.net/search/label/Slotomania
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.pwnthis.net/search/label/Slotomania

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 24 Jun 2019 07:45:01 GMT
Etag: "d504cffd1f6efab1430f415cd8b3a497"
Last-Modified: Wed, 05 Jun 2019 16:49:06 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40E9)
X-Cache: HIT
Content-Length: 33008

GET
H/1.1 200
OK p.js Show response
c.ns1p.net/ Frame 47BF 5 KB
5 KB 34ms
6ms Script
application/javascript 45.77.54.226
Choopa

General

Check archive.org

Show headers Download Go to

Full URL

http://c.ns1p.net/p.js?a=1mbjnam

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Security

, ,

Server

45.77.54.226 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA - Choopa, LLC, US),

Reverse DNS

45.77.54.226.vultr.com

Software

nginx /

Resource Hash

67e6c780fa5038f3e5057d01c0b0d7be4c136fcb0352f70137b04ea98adcd7e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:01 GMT
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Tue, 25 Jun 2019 07:45:01 GMT

GET
H/1.1 200
OK / Show response
s.ns1p.net/ Frame 47BF 135 B
466 B 51ms
10ms Script
application/javascript 45.76.91.25
Choopa

General

Check archive.org

Show headers Download Go to

Full URL

http://s.ns1p.net/?v=1536174158&a=1mbjnam

Requested by

Host: c.ns1p.net
URL: http://c.ns1p.net/p.js?a=1mbjnam

Protocol

HTTP/1.1

Security

, ,

Server

45.76.91.25 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA - Choopa, LLC, US),

Reverse DNS

45.76.91.25.vultr.com

Software

psched /

Resource Hash

76d8aa62915e06b3bef4054cf3de18c0dbe1e03458a8cc472cf84f300a3f83bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:01 GMT
X-Content-Type-Options: nosniff
Server: psched
Etag: "3f5f63ac6d8c15979806da2362b69089c226be44"
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Content-Length: 135
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jun 2019 07:45:00 GMT

GET
H/1.1 200
OK p.js Show response
c.ns1p.net/ Frame E749 5 KB
5 KB 8ms
7ms Script
application/javascript 45.77.54.226
Choopa

General

Check archive.org

Show headers Download Go to

Full URL

http://c.ns1p.net/p.js?a=1mbjnam

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

HTTP/1.1

Security

, ,

Server

45.77.54.226 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA - Choopa, LLC, US),

Reverse DNS

45.77.54.226.vultr.com

Software

nginx /

Resource Hash

67e6c780fa5038f3e5057d01c0b0d7be4c136fcb0352f70137b04ea98adcd7e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:01 GMT
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Tue, 25 Jun 2019 07:45:01 GMT

GET
H/1.1 200
OK / Show response
s.ns1p.net/ Frame E749 121 B
452 B 18ms
8ms Script
application/javascript 45.76.91.25
Choopa

General

Check archive.org

Show headers Download Go to

Full URL

http://s.ns1p.net/?v=1536174158&a=1mbjnam

Requested by

Host: c.ns1p.net
URL: http://c.ns1p.net/p.js?a=1mbjnam

Protocol

HTTP/1.1

Security

, ,

Server

45.76.91.25 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA - Choopa, LLC, US),

Reverse DNS

45.76.91.25.vultr.com

Software

psched /

Resource Hash

e65dac8526d33a4b037d8fa6b0aaa2aa709db9ac2c3eb90f679c8a1b115265e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:01 GMT
X-Content-Type-Options: nosniff
Server: psched
Etag: "b5d339fbb6040fc3ba349438b29682639f3154a2"
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Content-Length: 121
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jun 2019 07:45:00 GMT

GET
H/1.1 200
OK in Show response
go.adversal.com/ 0
148 B 295ms
148ms Script
application/javascript 67.192.42.10
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: http://go.adversal.com/in?%7B%22plcs%22%3A%7B%221248820%22%3A%7B%22aus%22%3A%7B%221%22%3A%7B%22mt%22%3A%22B%22%2C%22asr%22%3A1%2C%22szinfo%22%3A%7B%22sz%22%3A%22300x250%22%2C%22psz%22%3A%22250x250%2C200x200%2C180x150%22%7D%2C%22cinfo%22%3A%7B%22csz%22%3A%22300x0%22%2C%22wsz%22%3A%221600x1200%22%2C%22docsz%22%3A%221585x2422%22%2C%22scnsz%22%3A%221600x1200%22%7D%7D%2C%222%22%3A%7B%22mt%22%3A%22B%22%2C%22asr%22%3A1%2C%22szinfo%22%3A%7B%22sz%22%3A%22160x600%22%7D%2C%22cinfo%22%3A%7B%22csz%22%3A%220x0%22%2C%22wsz%22%3A%221600x1200%22%2C%22docsz%22%3A%221585x2422%22%2C%22scnsz%22%3A%221600x1200%22%7D%7D%7D%7D%7D%2C%22c%22%3A2%2C%22dvc%22%3A%22dt%22%2C%22loc%22%3A%7B%22h2%22%3A%22www.pwnthis.net%22%2C%22u%22%3A%22http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania%22%7D%7D
Requested by: Host: go.adversal.com
URL: http://go.adversal.com/as?id=1248820&size=300x250&promo_sizes=250x250,200x200,180x150&promo_alignment=center&v=2
Protocol: HTTP/1.1
Security: , ,
Server: 67.192.42.10 San Antonio, United States, ASN33070 (RMH-14 - Rackspace Hosting, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:01 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: application/javascript

GET
H/1.1 200
OK l.gif
13vqq7w-m.ns1p.net/a/ Frame E749 43 B
423 B 40ms
9ms Image
image/gif 205.185.216.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://13vqq7w-m.ns1p.net/a/l.gif?t=lqhclq
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: , ,
Server: 205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:01 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
ETag: "23349600"
X-HW: 1561362301.dop016.fr8.t,1561362301.cds060.fr8.c
Content-Type: image/gif
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=1
Connection: Keep-Alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43

GET
H/1.1 200
OK 1x1.gif
1b1pnoz-m.ns1p.net/009890F/a/ Frame 47BF 42 B
342 B 42ms
7ms Image
image/gif 152.195.132.188
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://1b1pnoz-m.ns1p.net/009890F/a/1x1.gif?t=an4srg
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: , ,
Server: 152.195.132.188 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F5A) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:01 GMT
Last-Modified: Thu, 11 Oct 2018 03:31:06 GMT
Server: ECAcc (frc/8F5A)
Etag: "2101128801"
X-Cache: HIT
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 42
Expires: Mon, 01 Jul 2019 07:45:01 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
120 B 124ms
123ms Image
image/gif 104.244.42.72
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.pwnthis.net%2Fsearch%2Flabel%2FSlotomania%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1561362301547%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%227e980dd%3A1559715853415%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 07:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 116
pragma: no-cache
last-modified: Mon, 24 Jun 2019 07:45:01 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 59e6e79dd1c69f44123e2fb56b0c3ce1
x-transaction: 00b40a7500e1e76b
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK l.gif
13vqq7w-m.ns1p.net/a/ Frame E749 43 B
423 B 11ms
11ms Image
image/gif 205.185.216.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://13vqq7w-m.ns1p.net/a/l.gif?t=aqjckj
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: , ,
Server: 205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:01 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
ETag: "23349600"
X-HW: 1561362301.dop016.fr8.t,1561362301.cds060.fr8.c
Content-Type: image/gif
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=1
Connection: Keep-Alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43

GET
H/1.1 200
OK 1x1.gif
1b1pnoz-m.ns1p.net/009890F/a/ Frame 47BF 42 B
342 B 9ms
8ms Image
image/gif 152.195.132.188
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://1b1pnoz-m.ns1p.net/009890F/a/1x1.gif?t=p1eodw
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: , ,
Server: 152.195.132.188 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F5A) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:01 GMT
Last-Modified: Thu, 11 Oct 2018 03:31:06 GMT
Server: ECAcc (frc/8F5A)
Etag: "2101128801"
X-Cache: HIT
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 42
Expires: Mon, 01 Jul 2019 07:45:01 GMT

GET
H/1.1 200
OK l.gif
13vqq7w-m.ns1p.net/a/ Frame E749 43 B
423 B 9ms
9ms Image
image/gif 205.185.216.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://13vqq7w-m.ns1p.net/a/l.gif?t=36syyo
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: , ,
Server: 205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:01 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
ETag: "23349600"
X-HW: 1561362301.dop016.fr8.t,1561362301.cds060.fr8.c
Content-Type: image/gif
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=1
Connection: Keep-Alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43

GET
H/1.1 200
OK 1x1.gif
1b1pnoz-m.ns1p.net/009890F/a/ Frame 47BF 42 B
342 B 11ms
10ms Image
image/gif 152.195.132.188
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://1b1pnoz-m.ns1p.net/009890F/a/1x1.gif?t=ck058d
Requested by: Host: www.pwnthis.net
URL: http://www.pwnthis.net/search/label/Slotomania
Protocol: HTTP/1.1
Security: , ,
Server: 152.195.132.188 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F5A) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:01 GMT
Last-Modified: Thu, 11 Oct 2018 03:31:06 GMT
Server: ECAcc (frc/8F5A)
Etag: "2101128801"
X-Cache: HIT
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 42
Expires: Mon, 01 Jul 2019 07:45:01 GMT

GET
H/1.1 204
No Content / Show response
b.ns1p.net/ Frame E749 0
267 B 59ms
7ms Script
application/javascript 45.76.91.25
Choopa

General

Check archive.org

Show headers Download Go to

Full URL

http://b.ns1p.net/?v=1536174158&a=1mbjnam&x=14izxfv&s=14vql4r&r=13vqq7w:i|200|9!i|200|11!i|200|13

Requested by

Host: c.ns1p.net
URL: http://c.ns1p.net/p.js?a=1mbjnam

Protocol

HTTP/1.1

Security

, ,

Server

45.76.91.25 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA - Choopa, LLC, US),

Reverse DNS

45.76.91.25.vultr.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:01 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jun 2019 07:45:00 GMT

GET
H/1.1 204
No Content / Show response
b.ns1p.net/ Frame 47BF 0
267 B 42ms
7ms Script
application/javascript 45.76.91.25
Choopa

General

Check archive.org

Show headers Download Go to

Full URL

http://b.ns1p.net/?v=1536174158&a=1mbjnam&x=tth9l1&s=tha94l&r=1b1pnoz:i|200|44!i|200|14!i|200|31

Requested by

Host: c.ns1p.net
URL: http://c.ns1p.net/p.js?a=1mbjnam

Protocol

HTTP/1.1

Security

, ,

Server

45.76.91.25 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA - Choopa, LLC, US),

Reverse DNS

45.76.91.25.vultr.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pwnthis.net/search/label/Slotomania
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 07:45:01 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-XSS-Protection: 1; mode=block
Expires: Mon, 24 Jun 2019 07:45:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/xo2zeK1NQXo

Domain: ads.fidelity-media.com
URL: http://ads.fidelity-media.com/ttj?id=1101707&size=300x250&promo_sizes=250x250,300x600,300x50,200x200,180x150,216x36&promo_alignment=center

Domain: ads.fidelity-media.com
URL: http://ads.fidelity-media.com/ttj?id=1101706&size=160x600&promo_sizes=120x600&promo_alignment=center

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-19 06:06:13	Name: NID Value: 186=dQ0fjBwYu2KAoEgbt_EEIanDNoBa-lzfmhXni-l3ncj7Le-Qq7XJY53BdBw5LxTLCmT2AMycKQb4z48vkn95L4CvyPSYj7-6lHTfRwM5fxB8rO7duriw20mh4NkRsLmqRGf5zTT-ho5qeV3jwFBnT6ikjkFfgdten-f_YTF9Krw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
13vqq7w-m.ns1p.net
1b1pnoz-m.ns1p.net
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
accounts.google.com
ads.fidelity-media.com
ads.qadservice.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ams-ads.contextweb.com
apis.google.com
b.ns1p.net
bh.contextweb.com
bplugins.googlecode.com
c.ns1p.net
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
go.adversal.com
go.padsdel.com
go.padstm.com
googleads.g.doubleclick.net
idsync.rlcdn.com
pagead2.googlesyndication.com
platform.twitter.com
pp-m.ns1p.net
resources.blogblog.com
s.ns1p.net
staticxx.facebook.com
syndication.twitter.com
tag-st.contextweb.com
tag.contextweb.com
www.blogger.com
www.facebook.com
www.google-analytics.com
www.googletagservices.com
www.kliptu.com
www.pwnthis.net
www.youtube.com
ads.fidelity-media.com
www.youtube.com
104.244.42.72
151.101.0.166
152.195.132.188
172.217.22.98
188.42.162.229
194.187.98.131
205.185.216.42
209.99.16.15
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:815::2002
2a00:1450:4001:818::2001
2a00:1450:4001:81a::2009
2a00:1450:4001:81b::2009
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::200d
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::200a
2a00:1450:4001:81e::2013
2a00:1450:4001:81f::2002
2a00:1450:4001:81f::200e
2a00:1450:4001:820::2002
2a00:1450:4001:821::2001
2a00:1450:400c:c0c::52
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.246.137.239
34.95.92.78
45.76.91.25
45.77.54.226
52.205.146.202
67.192.42.10
74.214.194.131
00814de5553816cf84b97a0badd5e9550a33455b3d5b75f0b73b28c9f15bcec5
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0870a4508bc178306a11ed2b23e17d129226ebc2de988534d82324ff915cf9a6
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
135153f77c703ebbd48c85adbe358f46fe357137fc0c2467bc2ba2ce71348b9b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
2073b6cd0859f58565e8f808db2a851ba64d0efe5904c8305a50b14705c14364
2090fbcdebbb13c1f0bc60e0749ddd513b8d69e88770b718f7d9da2439b20c5b
265fe1b54696335815ab023d04cda0e32678176e8ea01826ee9feb1c77615f55
270910e368e3e8eaf6b7292f9950778cb4cb1fb81093abdbbc8247449f15d265
55e8d40f6a1ee5b6df964b4ebcb378fcff6ca1a96c062a1d54b7b982567a5036
617229202229089622770a111fef4f514877475b89056525185a70e0cbc5bc95
664f5a1471a1147e2f6c3faa8818d723610048bf169da33b49aa0cdbb0f1c135
675eec2f14f92e7ec8fdc487ff3e14a3bce6d3550fc5f2cf7553d2cd38da3f4e
67e6c780fa5038f3e5057d01c0b0d7be4c136fcb0352f70137b04ea98adcd7e9
689b025d6053c65333dfda274577b96c7042f66043fa1bd3954eed1be736d772
748fd5acb7dc8340d5f4d220fc0e181b1a0caa8d532f398e727acbefbb427c7f
76d8aa62915e06b3bef4054cf3de18c0dbe1e03458a8cc472cf84f300a3f83bb
7cec930c8706e25c7dddb1c12ebae9580ae10207817d7ff122600e6dae6ec10d
7eaa6c54946e1b8598d1b3fa968b99821e963bc1ac4c1c16405dbee514751309
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
9a26b7a04b54ee7d8dc27d564a5513e982f0cd2567583c8071190250c804ed2d
9c8604e0fb6db5384ded555402216456ff70e17e242c8b54035c157c44eba3f0
9eef818dba8f4725cf3a587dac2a2f5e3f443a34d5a6149c9cc625ca92dba1d0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b58b9fc86a2d745c752b33f27b67a8c4341d33c9928d85d08fd275c3e5bf2b0a
bb72ea15d1c2a397bff55af91b566de7f15c62e97cead113597592b9893d3df1
bc647c5406745d8548d90c846552faa6c50d5055b2fe5c5f1bde696d6787cbc7
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
c8007825ae248427d1a9c9b41c38bbfd2c381c8311e72828f768a2c4b664558b
c9a2e79465162fc19dbb8053c7aff236e46dad9b642aa73e2e49ee328b3918c7
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d04e70ca63e0d87f413eaf81a3adf7af3bba11367f3f4369f6a211c8b6be537f
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d539a910089008f073b426d44a496f1952ba01b9ff018425c18d21bea42aa128
d7f0e2bfc2c0cd54c6bfeec7780e7aa3d2a8eb1324228e719c947dff4751cde1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53eb81ffed9865e46ffdfd738234d2ba11ea2fe6d53c54ff397c617d4b2facd
e65dac8526d33a4b037d8fa6b0aaa2aa709db9ac2c3eb90f679c8a1b115265e7
ea97b5a9851a258151238e3d9b75885a9382530ff50fd70a2f99d102ae8041dd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc2506463ee7767edd50f6966ef07a193b0bc89cc115f77dc095e867f3e28d39
ff04606727a3a5fdf09a1f57a2d35a154aa6ce5244fa10a5d1b3ac1eed4b6252

www.pwnthis.net Open in urlscan Pro 2a00:1450:4001:81e::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

86 Requests

45 %HTTPS

59 %IPv6

26 Domains

42 Subdomains

36 IPs

5 Countries

834 kBTransfer

1858 kBSize

1 Cookies

12 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.pwnthis.net Open in urlscan Pro
2a00:1450:4001:81e::2013 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

45 %
HTTPS

59 %
IPv6

26
Domains

42
Subdomains

36
IPs

5
Countries

834 kB
Transfer

1858 kB
Size

1
Cookies

86 HTTP transactions
0 data transactions