www.888casino.it Open in urlscan Pro
108.138.36.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&...
Effective URL:
https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643...
Submission: On February 10 via manual (February 10th 2024, 11:26:38 pm UTC) from IT — Scanned from IT

Summary HTTP 79 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 16 domains to perform 79 HTTP transactions. The main IP is 108.138.36.13, located in United States and belongs to AMAZON-02, US. The main domain is www.888casino.it.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 11th 2023. Valid for: a year.

This is the only time www.888casino.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	172.64.134.23 172.64.134.23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
18	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
1 1	34.102.137.201 34.102.137.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	217.147.127.42 217.147.127.42	() ()
1 5	108.138.36.13 108.138.36.13	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:803::201b	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:a658	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2600:9000:20c... 2600:9000:20c3:9600:1d:fa70:cfc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:889::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:26d... 2600:9000:26db:a800:3:1e5:8ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	99.84.88.99 99.84.88.99	16509 (AMAZON-02) (AMAZON-02)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	2600:9000:237... 2600:9000:237d:8200:1b:ed91:4680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	216.239.38.21 216.239.38.21	15169 (GOOGLE) (GOOGLE)
2	51.104.148.203 51.104.148.203	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
79	20

16 172.64.134.23 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

gengingairt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

jouteetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.137.201 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.137.102.34.bc.googleusercontent.com

34.102.137.201	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.147.127.42 (Gibraltar) 1 redirects

ASN- ()
PTR: ic.aff-handler.com

ic.aff-handler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.138.36.13 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-13.muc50.r.cloudfront.net

www.888casino.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a658 (United States)

ASN13335 (CLOUDFLARENET, US)

optimizely-edge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:20c3:9600:1d:fa70:cfc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.images4us.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:889::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:a800:3:1e5:8ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

stage-casino-staticcontent.safe-iplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-99.muc50.r.cloudfront.net

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:8200:1b:ed91:4680:93a1 (United States)

ASN16509 (AMAZON-02, US)

csxd.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.38.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2615.1e100.net

analytics.888casino.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.104.148.203 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.az.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	jouteetu.net jouteetu.net — Cisco Umbrella Rank: 42908
16	gengingairt.com gengingairt.com	66 KB
8	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 337	129 KB
8	images4us.com images.images4us.com — Cisco Umbrella Rank: 463631	427 KB
6	888casino.it 1 redirects www.888casino.it analytics.888casino.it	35 KB
4	contentsquare.net t.contentsquare.net — Cisco Umbrella Rank: 3684 csxd.contentsquare.net — Cisco Umbrella Rank: 12981 c.az.contentsquare.net — Cisco Umbrella Rank: 7021	78 KB
4	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 335	114 KB
3	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2103 rs.fullstory.com — Cisco Umbrella Rank: 2130	70 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11964	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	207 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 553	308 B
1	safe-iplay.com stage-casino-staticcontent.safe-iplay.com — Cisco Umbrella Rank: 881835	17 KB
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 902	82 KB
1	optimizely-edge.com optimizely-edge.com — Cisco Umbrella Rank: 153287	9 KB
1	aff-handler.com 1 redirects ic.aff-handler.com — Cisco Umbrella Rank: 737717	596 B
79	16

	Domain	Requested by
18	jouteetu.net	gengingairt.com
16	gengingairt.com	gengingairt.com
8	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org gengingairt.com
8	images.images4us.com	www.888casino.it
5	www.888casino.it	1 redirects gengingairt.com www.888casino.it
4	storage.googleapis.com	www.888casino.it
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	my.rtmark.net	gengingairt.com
2	c.az.contentsquare.net
2	edge.fullstory.com	gengingairt.com edge.fullstory.com
2	www.googletagmanager.com	www.888casino.it www.googletagmanager.com
1	analytics.888casino.it	www.googletagmanager.com
1	csxd.contentsquare.net	t.contentsquare.net
1	rs.fullstory.com	edge.fullstory.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	t.contentsquare.net	www.googletagmanager.com
1	stage-casino-staticcontent.safe-iplay.com	storage.googleapis.com
1	cdn.optimizely.com	optimizely-edge.com
1	optimizely-edge.com	www.888casino.it
1	ic.aff-handler.com	1 redirects
79	20

This site contains links to these domains. Also see Links.

Domain
www.888.it
www.adm.gov.it
www.gamblingtherapy.org
www.onetrust.com

Subject Issuer	Validity	Valid
gengingairt.com GTS CA 1P5	`2024-01-31` - `2024-04-30`	3 months	crt.sh
rtmark.net R3	`2023-12-23` - `2024-03-22`	3 months	crt.sh
jouteetu.net R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
*.888casino.com Amazon RSA 2048 M03	`2023-12-11` - `2025-01-08`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-19` - `2024-06-18`	a year	crt.sh
*.images4us.com Amazon RSA 2048 M02	`2023-05-30` - `2024-06-28`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.safe-iplay.com Amazon RSA 2048 M02	`2023-11-26` - `2024-12-24`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
t.contentsquare.net Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-01-10` - `2024-04-09`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-01-07` - `2024-04-06`	3 months	crt.sh
csxd-02.contentsquare.net Amazon RSA 2048 M02	`2023-08-02` - `2024-08-30`	a year	crt.sh
analytics.888casino.it GTS CA 1D4	`2024-01-17` - `2024-04-16`	3 months	crt.sh
dep.aa.contentsquare.net R3	`2023-12-31` - `2024-03-30`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Frame ID: 8BBB43F63A3DA996C76E7A18F3CEDC83
Requests: 80 HTTP requests in this frame

Frame: https://csxd.contentsquare.net/uxa/xdframe-single-domain-1.2.0.html?pid=70848
Frame ID: 9908B6BBBDD520DB7D5F097B6F0597F9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gioca su 888casinoBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z... Page URL
https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z... Page URL
http://34.102.137.201/2/PU_IT_PA_CS_DT_888?source=4662728&geo=IT&device_type=desktop&browser_type=... HTTP 302
https://ic.aff-handler.com/c/48365?sr=1842791 HTTP 302
https://www.888casino.it/offerta-speciale/red-door.htm?sr=1842791&mm_id=48365&utm_source=aff&utm_medi... HTTP 301
https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&u... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

79
Requests

99 %
HTTPS

48 %
IPv6

16
Domains

20
Subdomains

20
IPs

5
Countries

1255 kB
Transfer

3282 kB
Size

22
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.888.it/gioco-responsabile.htm
Title: Gioco Responsabile

Search URL Search Domain Scan URL

URL: https://www.888.it/sicurezza-e-privacy/informativa-sulla-privacy.htm
Title: Informativa sulla Privacy

Search URL Search Domain Scan URL

URL: https://www.888.it/sicurezza-e-privacy/accordo-con-utente-real.htm
Title: Accordo Utente

Search URL Search Domain Scan URL

URL: https://www.888.it/contattaci.htm
Title: Contattaci

Search URL Search Domain Scan URL

URL: https://www.adm.gov.it/portale/
Title: Agenziadogane Monopoli

Search URL Search Domain Scan URL

URL: https://www.gamblingtherapy.org/it/
Title: Gt

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60 Page URL
https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60&rdc=2 Page URL
http://34.102.137.201/2/PU_IT_PA_CS_DT_888?source=4662728&geo=IT&device_type=desktop&browser_type=chrome&os=windows&region=rm&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/121.0.6167.160%20Safari/537.36&language=it&connection_type=mobile&internet_provider=poste%20italiane%20s.p.a.&carrier=poste_mobile-it&oaid=2fac9f39745588a5e88a327e76d53bff HTTP 302
https://ic.aff-handler.com/c/48365?sr=1842791 HTTP 302
https://www.888casino.it/offerta-speciale/red-door.htm?sr=1842791&mm_id=48365&utm_source=aff&utm_medium=casap&utm_content=100138643&utm_campaign=100138643_1842791_nodescription HTTP 301
https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

79 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
gengingairt.com/ 40 KB
14 KB 185ms
88ms Document
text/html 172.64.134.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.134.23 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 09b5c454afe402d5402cfcd8870d51b1c688ae218ac2ca737aa9e7c84dc42eec

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85381e20dc7d9271-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 10 Feb 2024 23:26:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymOvdIaF1%2FuQAUu3FPVseSPZ892CSRq%2B82f3eoA7QIT1xHPEBOSzxNtRmDm75G3V9XS0nqrskwHFhl%2FJgaUiyN9jFUClI7chrQ45qzOTVUHUAC91vdVZJu5Q2VylmEL3Q30%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
545 B 130ms
42ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=2fac9f39745588a5e88a327e76d53bff

Requested by

Host: gengingairt.com
URL: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

beb5d5c355e3e579230fc9fe80f1358048351b58bab6e66a7a857d368c40793d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gengingairt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:33 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gengingairt.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
gengingairt.com/pfe/current/ 31 KB
12 KB 67ms
66ms Script
application/javascript 172.64.134.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.134.23 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c044369ca8856f06581f763d01a0394980980a470cfb7a284d4bba62d8463d2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 23:26:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 07 Feb 2024 12:34:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65c378bb-7def"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ki11%2FOIc0hgpt4XYBRvQF4seNtQSWInAMHjmZSzNrNSsWU03fvwAQSDc36SAEGB%2FgNTTrlu8OsQFCc1OU%2BSNB2e3ZX73QZtRuK11oV%2Ba5h6J4XxZs4gYQV7M2MpW1HPUqqg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 85381e219cec9271-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
gengingairt.com/19/4662728/ 3 KB
3 KB 58ms
58ms XHR
application/json 172.64.134.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gengingairt.com/19/4662728/?abt_opts=1&var=6757935&var3=780278157952692846&ymid=&rhd=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.134.23 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d79bafaa63c3bd4315a6541c4b286d595656af88798efdd2a3b50a3e7e9f7bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:33 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: c7aecb28bd9a5aee0c2356cd0757c026
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0nciyPKhpUTxTgSgHTlizK7ysiPhUoZptAz45SzGjOyL3EkHM8kjgYfdhx%2BIjQ%2BRk6T7BB9lc8Gj%2BSgFtHR8%2FJkEAcLuJgxQtNbLGtIUNkcOQs1zuP5SQ%2BX6h7%2FJ5OltyM%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 85381e219ced9271-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 / Show response
gengingairt.com/ 2 B
408 B 66ms
66ms XHR
application/json 172.64.134.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60&mprtr=1
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.134.23 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4apS05UuGsTgu4KTsKq7JWxgMDwpBZOMSFac11jIEw2HnbO2gWYiya7tZPCNijJR7XSa12UvLTo8gmbkSERVTiPq5c4ky1qOQkLFAmlF3SyGRCreEq%2FtDiS%2FUqkubLYeAY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 85381e219cf29271-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 103ms
32ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gengingairt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 4662709
gengingairt.com/sw-check-permissions/ 0
818 B 63ms
62ms Other
application/javascript 172.64.134.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gengingairt.com/sw-check-permissions/4662709?var=6757935&ymid=780278157952692846&uhd=1&zoneId=4662709
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.134.23 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ap6ik0TrQgfB1iRB5znF%2FzjwV1aAxBg7lu0q7GJUs0nGkeRlBZALqOUyiMa2h39dYMcZr9b4d5kRtAuKF0Ot%2FkIL6G1K9zwiF2WzGQceKoU9S53fDbsdltAhvuwKJQuso8E%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 85381e221d3c9271-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 132ms
63ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gengingairt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 zone
gengingairt.com/ 0
435 B 57ms
57ms Ping
text/plain 172.64.134.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gengingairt.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gengingairt.com&var=6757935&ymid=780278157952692846&var_3=&var_4=&dsig=&tg=1&sw=3.1.482&trace_id=7574f883-352a-4393-8eb2-a62770cf1d6d&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.134.23 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-trace-id: 4ecf80d607d5db2903fe56839789056a
date: Sat, 10 Feb 2024 23:26:33 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CMWFMOSqnJRknlOz5zPLV3jDEEhlcsYinYxU2A6jFHarswF%2BxM8rlKTJeLB1Gi7DZah8IvA8U%2BiyEu%2Be4MwKMBLzP6NOgs%2FQYfdro7qrSCuSP16Ust3XL1zSyEV6KSUWwXE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://gengingairt.com
access-control-allow-credentials: true
cf-ray: 85381e221d3e9271-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 131ms
62ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gengingairt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 100ms
31ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gengingairt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 130ms
62ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gengingairt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 50ms
43ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=780278157952692846&var=6757935

Requested by

Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ced7e277aebb0f282b15005b6ce447ab5ac586e15aca88ab825d29983993b402

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gengingairt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:33 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gengingairt.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 custom
jouteetu.net/ 0
0 124ms
61ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gengingairt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 71ms
70ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gengingairt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 zone
gengingairt.com/ 798 B
814 B 61ms
61ms Fetch
application/json 172.64.134.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gengingairt.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gengingairt.com&var=6757935&ymid=780278157952692846&var_3=&var_4=&dsig=&tg=1&sw=3.1.482&trace_id=7574f883-352a-4393-8eb2-a62770cf1d6d&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.134.23 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:33 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: 481a8c490b799691edf1b4cd0c5cff16
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BdaHLO05JQ3Ff6KuhO%2FOnToUoLpw0xJF6YfL0hKQGwmM4Um0qaUPTjFdVCkoPUXFQpiW%2F6WbXl1wDMY14nGIkQgDatkxug0yEZG%2B5LaWhq5RC1lLPcBhUz2TIS9cstSCVeM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 85381e221d499271-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

POST
H2 200 custom
jouteetu.net/ 0
0 62ms
62ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gengingairt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 / Show response
gengingairt.com/ 40 KB
13 KB 103ms
103ms Document
text/html 172.64.134.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60&rdc=2
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.134.23 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 4ce5af480456e2978b8d22739996e6e5851c78707c298e39b74298d957f7300c

Request headers

Referer: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85381e228c083a70-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 10 Feb 2024 23:26:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5PDyMh1%2BY54NOdYxvKorEzfb8lBKWvYDLEHHeTLgl8aJY9bZbBIIaNCrZwwVoUBHX0tblQThxrxrRzA8gVubYb7hSj2pVECqS1Q4kb7BqHgCEIAHPYaVCNFoYJveO22fxI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

POST
H2 200 custom
jouteetu.net/ 0
0 61ms
61ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gengingairt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 micro.tag.min.js Show response
gengingairt.com/pfe/current/ 31 KB
12 KB 84ms
84ms Script
application/javascript 172.64.134.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.134.23 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c044369ca8856f06581f763d01a0394980980a470cfb7a284d4bba62d8463d2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 23:26:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 07 Feb 2024 12:34:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65c378bb-7def"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UG2oUFjiBe2HYbwcJYfyNUPfwynhwblbTc3mlNwr8WB0kCIIYdnjf5XCkd5Kiv%2FCo94SU5VCR508erTX3pVKNdJl2A9UXgkJ10pnMh0336GZzwt5tTyjYBRvAg%2FDkf9vFrA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 85381e234ca93a70-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 / Show response
gengingairt.com/19/4662728/ 3 KB
3 KB 84ms
84ms XHR
application/json 172.64.134.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gengingairt.com/19/4662728/?abt_opts=1&var=6757935&var3=780278157952692846&ymid=&rhd=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.134.23 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cff5adf94024a5e101b3793aaf73bddf85416835e2eede9346400453d6f9389

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:33 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 1c67ff9e0e2b0c7d181c1e001fc65109
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79ta7SbQS9xvxUuVlphdnHfp4TxMv0mLbbRkTTFZt%2F82SGbbuqQBG7mWe%2FHmkhBSioJC2TwImw3SeWqeN7eUvoUA4xfaouT5kGkKMv1FdAPOBS0bAJwoPZOqKWzlZJVn6zM%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 85381e234caa3a70-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H3 200 / Show response
gengingairt.com/ 2 B
527 B 74ms
74ms XHR
application/json 172.64.134.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60&rdc=2&mprtr=1
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.134.23 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4bQ3835JVpddnbWFYwh1%2FuNH1zQdf7JOCwZbbqPezrRnzeptzETyaKpkfdnNfnjnBSdJga%2BRIpTUQfMegiO4lasDk7NFaW77%2F2AQRYyfJ442SKU%2FTwPBoIklipLoMKDn368%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 85381e238cdb3a70-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd Show response
gengingairt.com/ 3 KB
3 KB 99ms
99ms Fetch
application/json 172.64.134.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gengingairt.com/rhd?rb=l5NMPvlZAfuOz46vdBDugTeq3zRqlJDkMGleNV5d7a4IRD5_D5QHUICTsV2sURDdSnkBJ_Yw_dbf6ukKjkyWLGjwR2YipJzd9LbhZNQ7JQLuTAnEhlS_j5JAMQsscNr6Tic8TAp3DOSe4j_70psly366NpiXOlOzfzVWcSCjBnf2cYxAox_0TFFU9vihLkNLd2c0oUw2P3s0U2jBzTN2Dg_Wddv-Ye_lk9ZwUCnPxcpFhUrpe4wTMcc81sipYWlRu-LCgdihLR4AN0LgTf-UYruD6s7AqwN0AeRbWeHADt_mvcY0ZW7wZ52D6LJQGhbUFwV4-6JELKfxtba0-bjJVoN9PxnMvG2UG6c0NacdDXBCejMSbFAEBLnLXJ4xsGeQ-OuULc5iAdxG42KVPY71tY36zdZVFf4KeC2tdYaKh0usCETWFD7gM0X_1FUCzDSNm_MT7GA6eAiWhC7gzqVCPTZ-ZoKoYTQ6JkGvx-sEtvf6vc9gIk6Yh4ziGxfsCQhpkArfADtlmVGTqUa4c65RRGcl59Ey8w0aVsyD3pZ1_wV8Df6-aD1mTv623Ms%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fgengingairt.com%2F%3Fs%3D780278157952692846%26ssk%3D4da7a5496ac4f5356e893a5aacfa08de%26svar%3D1707596328%26z%3D6757935%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3DEurope%2FRome%26bto%3D-60%26rdc%3D2&drf=https%3A%2F%2Fgengingairt.com%2F%3Fs%3D780278157952692846%26ssk%3D4da7a5496ac4f5356e893a5aacfa08de%26svar%3D1707596328%26z%3D6757935%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3DEurope%2FRome%26bto%3D-60&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6757935&var3=780278157952692846&ymid=&rhd=1&m=link

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.134.23 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9a4406ced5bdf6c486444220af580dd9f8e937d7e5cb6628d864178c349c4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:33 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: e103558879ba6c53fbbb4e2af35e4606
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=262T2cNYzRGvJz0Gems1IY7yyK4ETACJNeTom6E4TR1vIY%2BABkjdwUtmP0Nslw9Y%2FdFPxRNfCIkB4z%2F3%2BDjZzbUxOQK%2Bfx6hQz4PZ%2F3DJcItg4lvut9aWOaSdXdaJIxPPR0%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 85381e23cd593a70-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 custom
jouteetu.net/ 0
0 31ms
31ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gengingairt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 4662709
gengingairt.com/sw-check-permissions/ 0
948 B 78ms
78ms Other
application/javascript 172.64.134.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gengingairt.com/sw-check-permissions/4662709?var=6757935&ymid=780278157952692846&uhd=1&zoneId=4662709
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.134.23 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOIqBjdy3RSgVLVmQ80X5QWMONM2vjI3nk1PZTWfxsHn%2FajAl67pcY1sFJxWoLwQrG4zJ6qyLtKITcuQ6Srkn5imxJ1qj3%2BEkVcsvbn8ZNVS8cF%2BP0OKbldZptnX9zU%2Bg3o%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 85381e23dd5f3a70-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 32ms
32ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gengingairt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 200 zone
gengingairt.com/ 0
492 B 81ms
80ms Ping
text/plain 172.64.134.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gengingairt.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gengingairt.com&var=6757935&ymid=780278157952692846&var_3=&var_4=&dsig=&tg=1&sw=3.1.482&trace_id=0ac7b7fa-4b92-4b34-89e5-fbb64bab09fe&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.134.23 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-trace-id: 637ad00e83b7b1fab2cef009b2389139
date: Sat, 10 Feb 2024 23:26:33 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tz6TOO3lKqs%2BJoMH1IXD%2Bnf9mmb3Nx5iMvdt6OXZJ%2BCygl2gdcU2XXzix8kHzM%2FL3Ov1W9XXRz%2F6MCdXbPncGZYdu3rKopwzeprW3sagX3Wg1NYAC8OPZRbGHn8jXHMNYt8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://gengingairt.com
access-control-allow-credentials: true
cf-ray: 85381e23dd633a70-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 32ms
32ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gengingairt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 33ms
32ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gengingairt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 33ms
33ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gengingairt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 41ms
41ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=780278157952692846&var=6757935

Requested by

Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ced7e277aebb0f282b15005b6ce447ab5ac586e15aca88ab825d29983993b402

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gengingairt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:33 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gengingairt.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 custom
jouteetu.net/ 0
0 36ms
35ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gengingairt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 32ms
32ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gengingairt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zone Show response
gengingairt.com/ 798 B
983 B 82ms
82ms Fetch
application/json 172.64.134.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gengingairt.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gengingairt.com&var=6757935&ymid=780278157952692846&var_3=&var_4=&dsig=&tg=1&sw=3.1.482&trace_id=0ac7b7fa-4b92-4b34-89e5-fbb64bab09fe&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.134.23 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59c03690d9953d678c6dd6be59f077ed8d97a35f68782255fb5d8ceedf53a206

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:33 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: f1edd6da3a9603852b39e33733295342
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HoVOGF%2FDyvxL%2Fpn3m467T0uiCPyx85pJ10QWFMoTuuTUs7QgQQ181qSTrIM5DTR%2FugA4CZBJOzgb3qd77TjZ7aBGD%2F3psqRLuPXdhARzgBQ5tSm1Vc8guStmtU%2BSAqu7AfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 85381e23ed6a3a70-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

POST
H2 200 custom
jouteetu.net/ 0
0 31ms
31ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gengingairt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 41ms
41ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/pfe/current/micro.tag.min.js?z=4662709&ymid=780278157952692846&var=6757935&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gengingairt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2

200

Primary Request red-door.htm Show response
www.888casino.it/offerta-speciale/
Redirect Chain

http://34.102.137.201/2/PU_IT_PA_CS_DT_888?source=4662728&geo=IT&device_type=desktop&browser_type=chrome&os=windows&region=rm&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWe...
https://ic.aff-handler.com/c/48365?sr=1842791
https://www.888casino.it/offerta-speciale/red-door.htm?sr=1842791&mm_id=48365&utm_source=aff&utm_medium=casap&utm_content=100138643&utm_campaign=100138643_1842791_nodescription
https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff

53 KB
17 KB

71ms
71ms

Document
text/html

108.138.36.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-13.muc50.r.cloudfront.net

Software

Resource Hash

d1b491c8a5f8ee06d20b8e484f5d574ee73cf503a7f00dba13892df4a846e7ae

Security Headers

Name

Value

Content-Security-Policy

frame-ancestors 'self' *.genesazrak.com *.888casinoarabic.net *.arabiccasino888.com *.casinoarabic888.com *.casinoarabic-888.com *.888-casinoarabic.com *.888casino-arabic.com http://wrapper.safe-installation.com/ https://wrapper.safe-installation.com/ http://localhost:* https://localhost:* *.bingosys.net *.secured-igaming-usa.com *.888.pt *.sisportsbook.com *.888poker.de *.888slots.de *.safe-iplay.com http://*.safe-iplay.com http://*.888sport.com http://*.sisportsbook.com http://*.secured-igaming-usa.com *.safe-installation.com *.payoutscentral.com *.triple8holdem.com *.888.com *.secured-qa.com *.secured-registration.com *.secureutils.com *.images4us.com *.onlinepersonalmessages.com *.888sport.com *.888sport.es *.888sport.it *.888sport.dk *.888sport.ro *.888sport.se *.888sport.us *.888sport.de *.777.com *.personalinfoonline.com *.888.de *.888casino.com *.888poker.com *.888casino.dk *.888poker.dk *.888.de *.888casino.ro *.888poker.ro *.888casino.se *.888poker.se *.888casino.es *.888poker.es *.888casino.it *.888poker.it *.888casino.us *.888poker.us *.888ladies.com *.888.pt cmsp *.harrahscasino.com *.wsop.com *.delawarepark.com *.doverdowns.com *.harringtongamingonline.com *.secured-igaming-services.com *.secured-igaming-usa.com *.igaming-services.com *.888.ca *.888casino.ca *.888poker.ca *.888sport.ca *.888.nl *.888casino.nl *.888poker.nl *.888sport.nl *.ar-888-casino.com *.888casino-ar.com *.ar888-casino.com *.arab888-casino.com *.casinoelarab-888.com *.alarab-888casino.com *.casinoalarab-888.com *.888casino-alarab.com *.888casino-arabian.com *.arabian-888casino.com *.888-casino-arabian.com *.888-casino-alarab.com *.ballysdover.com *.888casino-uae.com *.playat888-games.com *.888casino-game.com *.online-arabic-casino.net *.tripleeight.live *.playat888online.com *.888games-uae.com *.triple-eight-games.com *.play-casino-now.com *.888slots-uae.com *.888-uae.com *.mrgreen.de *.mrgreen.se *.mrgreen.com *.mrgreen.dk *.williamhill.com *.williamhill.local *.williamhill-pp2.com *.clevernt.com *.cleverwebserver.com

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 666
alt-svc: h3=":443"; ma=86400
apigw-requestid: S8V-lidQjoEEJMA=
cache-control: max-age=1800, must-revalidate
content-encoding: br
content-security-policy: frame-ancestors 'self' *.genesazrak.com *.888casinoarabic.net *.arabiccasino888.com *.casinoarabic888.com *.casinoarabic-888.com *.888-casinoarabic.com *.888casino-arabic.com http://wrapper.safe-installation.com/ https://wrapper.safe-installation.com/ http://localhost:* https://localhost:* *.bingosys.net *.secured-igaming-usa.com *.888.pt *.sisportsbook.com *.888poker.de *.888slots.de *.safe-iplay.com http://*.safe-iplay.com http://*.888sport.com http://*.sisportsbook.com http://*.secured-igaming-usa.com *.safe-installation.com *.payoutscentral.com *.triple8holdem.com *.888.com *.secured-qa.com *.secured-registration.com *.secureutils.com *.images4us.com *.onlinepersonalmessages.com *.888sport.com *.888sport.es *.888sport.it *.888sport.dk *.888sport.ro *.888sport.se *.888sport.us *.888sport.de *.777.com *.personalinfoonline.com *.888.de *.888casino.com *.888poker.com *.888casino.dk *.888poker.dk *.888.de *.888casino.ro *.888poker.ro *.888casino.se *.888poker.se *.888casino.es *.888poker.es *.888casino.it *.888poker.it *.888casino.us *.888poker.us *.888ladies.com *.888.pt cmsp *.harrahscasino.com *.wsop.com *.delawarepark.com *.doverdowns.com *.harringtongamingonline.com *.secured-igaming-services.com *.secured-igaming-usa.com *.igaming-services.com *.888.ca *.888casino.ca *.888poker.ca *.888sport.ca *.888.nl *.888casino.nl *.888poker.nl *.888sport.nl *.ar-888-casino.com *.888casino-ar.com *.ar888-casino.com *.arab888-casino.com *.casinoelarab-888.com *.alarab-888casino.com *.casinoalarab-888.com *.888casino-alarab.com *.888casino-arabian.com *.arabian-888casino.com *.888-casino-arabian.com *.888-casino-alarab.com *.ballysdover.com *.888casino-uae.com *.playat888-games.com *.888casino-game.com *.online-arabic-casino.net *.tripleeight.live *.playat888online.com *.888games-uae.com *.triple-eight-games.com *.play-casino-now.com *.888slots-uae.com *.888-uae.com *.mrgreen.de *.mrgreen.se *.mrgreen.com *.mrgreen.dk *.williamhill.com *.williamhill.local *.williamhill-pp2.com *.clevernt.com *.cleverwebserver.com
content-type: text/html; charset=utf-8
date: Sat, 10 Feb 2024 23:15:28 GMT
p3p: CP="Read our privacy policy at http://www.888.com/security-and-privacy/privacy-policy.htm"
srv: 44305334
vary: Accept-Encoding,User-Agent,Cookie
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
x-amz-cf-id: hpTwinPTBy6Lzo7sFG8xaedJ-upmrQvOVrwmWaaz4SKKicmUytufLw==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-wcs-correlation-id: RoNaq6kTLg6dTzWsOL4iQ2G-eaxso3xa3VA6dRgQkvhQo-gTLhNQfw==

Redirect headers

age: 281
alt-svc: h3=":443"; ma=86400
apigw-requestid: S8W6vhv8joEEPMw=
cache-control: max-age=1800, must-revalidate
content-length: 0
date: Sat, 10 Feb 2024 23:21:53 GMT
location: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
vary: Cookie
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
x-amz-cf-id: 9cXyKlwd8Pn56tD8v0wKbkyJkwUgK2CJFO8iDCE11Rn5SVkMc9Yskw==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-wcs-correlation-id: 1za3fafz_nHait6hVajf6jNxgQ4VdRpOKN6VU7n5fQ2meCjHfwpU2g==

POST
H3 200 cat.php
gengingairt.com/ 0
757 B 54ms
54ms Ping
text/plain 172.64.134.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gengingairt.com/cat.php?userId=2fac9f39745588a5e88a327e76d53bff&zoneid=4662728&rb=l5NMPvlZAfuOz46vdBDugTeq3zRqlJDkMGleNV5d7a4IRD5_D5QHUICTsV2sURDdSnkBJ_Yw_dbf6ukKjkyWLGjwR2YipJzd9LbhZNQ7JQLuTAnEhlS_j5JAMQsscNr6Tic8TAp3DOSe4j_70psly366NpiXOlOzfzVWcSCjBnf2cYxAox_0TFFU9vihLkNLd2c0oUw2P3s0U2jBzTN2Dg_Wddv-Ye_lk9ZwUCnPxcpFhUrpe4wTMcc81sipYWlRu-LCgdihLR4AN0LgTf-UYruD6s7AqwN0AeRbWeHADt_mvcY0ZW7wZ52D6LJQGhbUFwV4-6JELKfxtba0-bjJVoN9PxnMvG2UG6c0NacdDXBCejMSbFAEBLnLXJ4xsGeQ-OuULc5iAdxG42KVPY71tY36zdZVFf4KeC2tdYaKh0usCETWFD7gM0X_1FUCzDSNm_MT7GA6eAiWhC7gzqVCPTZ-ZoKoYTQ6JkGvx-sEtvf6vc9gIk6Yh4ziGxfsCQhpkArfADtlmVGTqUa4c65RRGcl59Ey8w0aVsyD3pZ1_wV8Df6-aD1mTv623Ms=&var=6757935&var3=780278157952692846&ymid=&rhd=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.134.23 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60&rdc=2
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 10 Feb 2024 23:26:34 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-trace-id: 7d28f616a8483570264e549e52681f90
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCJAezSuxF%2FfZsUJ2CU%2FxVKx1g8cJUTykICpkyCM1gd33xGqHhnCFSx1YHzVZZHiFGj9lcR4g7wsZ3mh7TGSbPlcf2FF8Yn%2BVJwflRStejXmBKBtype8Fk2Q5%2FuLujYUkh4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://gengingairt.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 85381e2728ad3a70-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 funnel-data-v5.min.js Show response
www.888casino.it/js/ 11 KB
3 KB 34ms
34ms Script
text/javascript 108.138.36.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.888casino.it/js/funnel-data-v5.min.js?x=1.2.141
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.36.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-13.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b23530a4d5c362f622fa45bd5cb727b04ba6a969d3de2ecac4fe494d2bae87a6

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:01:58 GMT
content-encoding: br
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
last-modified: Mon, 16 Oct 2023 07:45:51 GMT
server: AmazonS3
age: 1477
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
etag: W/"c21b3fe665c58da77b47efe48edec070"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: C1TuaInXN-Gu9d3EtuBmMDkvm8ozISwJ6S3TNeWUE10AeI-ehBukpg==

GET
H2 200 jquery-lib.js Show response
storage.googleapis.com/cw-prod/ 86 KB
30 KB 126ms
49ms Script
application/javascript 2a00:1450:4001:803::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/cw-prod/jquery-lib.js
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b3cc520b32db55dce4fc3c1da2431c2180fbbb2196b62f4f7c1cccd90a79294b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:34 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPql8ZLS9kedaNGibyZ9Yc_xPkVuUBAQ8IOJRsQr6Pc3-rQ1gpfWxdxjKaL0wDc3Liu_w_5xn9NFNg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30653
last-modified: Wed, 17 Jan 2024 14:12:40 GMT
server: UploadServer
etag: "5818f4ef2ef03c1a18143a2af191b114"
x-goog-generation: 1705500760644233
x-goog-hash: crc32c=hVBUaQ==, md5=WBj07y7wPBoYFDoq8ZGxFA==
content-type: application/javascript
cache-control: no-cache,max-age=0,no-transform
x-goog-stored-content-length: 30653
accept-ranges: bytes
expires: Sat, 10 Feb 2024 23:26:34 GMT

GET
H2 200 27183480759 Show response
optimizely-edge.com/edge-client/v1/15304250335/ 23 KB
9 KB 88ms
43ms Script
application/javascript 2606:4700::6812:a658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optimizely-edge.com/edge-client/v1/15304250335/27183480759
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ae2ca870f291908824e0219901f52db08880fa6911e1acb234fd2dd6bae36f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:34 GMT
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
cf-ray: 85381e2a5de50e6b-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 acqFullBackground.css
www.888casino.it/IT/CSS/main-files/ 33 KB
8 KB 54ms
53ms Stylesheet
text/css 108.138.36.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.888casino.it/IT/CSS/main-files/acqFullBackground.css

Requested by

Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.36.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-13.muc50.r.cloudfront.net

Software

Resource Hash

0f5103d82f2fe4fbee1718d1d0b3691c91d4dcb2200d1ca122fe0d21132b5171

Security Headers

Name

Value

Content-Security-Policy

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.genesazrak.com *.888casinoarabic.net *.arabiccasino888.com *.casinoarabic888.com *.casinoarabic-888.com *.888-casinoarabic.com *.888casino-arabic.com http://wrapper.safe-installation.com/ https://wrapper.safe-installation.com/ http://localhost:* https://localhost:* *.bingosys.net *.secured-igaming-usa.com *.888.pt *.sisportsbook.com *.888poker.de *.888slots.de *.safe-iplay.com http://*.safe-iplay.com http://*.888sport.com http://*.sisportsbook.com http://*.secured-igaming-usa.com *.safe-installation.com *.payoutscentral.com *.triple8holdem.com *.888.com *.secured-qa.com *.secured-registration.com *.secureutils.com *.images4us.com *.onlinepersonalmessages.com *.888sport.com *.888sport.es *.888sport.it *.888sport.dk *.888sport.ro *.888sport.se *.888sport.us *.888sport.de *.777.com *.personalinfoonline.com *.888.de *.888casino.com *.888poker.com *.888casino.dk *.888poker.dk *.888.de *.888casino.ro *.888poker.ro *.888casino.se *.888poker.se *.888casino.es *.888poker.es *.888casino.it *.888poker.it *.888casino.us *.888poker.us *.888ladies.com *.888.pt cmsp *.harrahscasino.com *.wsop.com *.delawarepark.com *.doverdowns.com *.harringtongamingonline.com *.secured-igaming-services.com *.secured-igaming-usa.com *.igaming-services.com *.888.ca *.888casino.ca *.888poker.ca *.888sport.ca *.888.nl *.888casino.nl *.888poker.nl *.888sport.nl *.ar-888-casino.com *.888casino-ar.com *.ar888-casino.com *.arab888-casino.com *.casinoelarab-888.com *.alarab-888casino.com *.casinoalarab-888.com *.888casino-alarab.com *.888casino-arabian.com *.arabian-888casino.com *.888-casino-arabian.com *.888-casino-alarab.com *.ballysdover.com *.888casino-uae.com *.playat888-games.com *.888casino-game.com *.online-arabic-casino.net *.tripleeight.live *.playat888online.com *.888games-uae.com *.triple-eight-games.com *.play-casino-now.com *.888slots-uae.com *.888-uae.com *.mrgreen.de *.mrgreen.se *.mrgreen.com *.mrgreen.dk *.williamhill.com *.williamhill.local *.williamhill-pp2.com *.clevernt.com *.cleverwebserver.com
content-encoding: gzip
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
date: Sat, 10 Feb 2024 23:26:34 GMT
age: 256
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
p3p: CP="Read our privacy policy at http://www.888.com/security-and-privacy/privacy-policy.htm"
x-wcs-correlation-id: AB_MOdeou9dmzbqNkGGtIKHe7lunFVoKe4PwVaAJrvbcbiMrVnXmiQ==
alt-svc: h3=":443"; ma=86400
apigw-requestid: S5Y4ChQ2joEEMeQ=
last-modified: Fri, 08 Sep 2023 07:01:01 GMT
etag: W/"47663a22e2d91:0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800, must-revalidate
srv: 44305334
x-amz-cf-id: Ce8syBynC1oJcYq1kgxOkk7WjVb0UX01jKOPS3e5hBPTrf3bkMgjkA==

GET
H3 200 acqFullBackground.js Show response
www.888casino.it/IT/JS/main-files/ 15 KB
5 KB 36ms
36ms Script
application/javascript 108.138.36.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.888casino.it/IT/JS/main-files/acqFullBackground.js

Requested by

Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.36.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-13.muc50.r.cloudfront.net

Software

Resource Hash

578b1c088a7fc405c93cb177a00a8c9a325cc1b4ee85e663dd1a9dc46808645e

Security Headers

Name

Value

Content-Security-Policy

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.genesazrak.com *.888casinoarabic.net *.arabiccasino888.com *.casinoarabic888.com *.casinoarabic-888.com *.888-casinoarabic.com *.888casino-arabic.com http://wrapper.safe-installation.com/ https://wrapper.safe-installation.com/ http://localhost:* https://localhost:* *.bingosys.net *.secured-igaming-usa.com *.888.pt *.sisportsbook.com *.888poker.de *.888slots.de *.safe-iplay.com http://*.safe-iplay.com http://*.888sport.com http://*.sisportsbook.com http://*.secured-igaming-usa.com *.safe-installation.com *.payoutscentral.com *.triple8holdem.com *.888.com *.secured-qa.com *.secured-registration.com *.secureutils.com *.images4us.com *.onlinepersonalmessages.com *.888sport.com *.888sport.es *.888sport.it *.888sport.dk *.888sport.ro *.888sport.se *.888sport.us *.888sport.de *.777.com *.personalinfoonline.com *.888.de *.888casino.com *.888poker.com *.888casino.dk *.888poker.dk *.888.de *.888casino.ro *.888poker.ro *.888casino.se *.888poker.se *.888casino.es *.888poker.es *.888casino.it *.888poker.it *.888casino.us *.888poker.us *.888ladies.com *.888.pt cmsp *.harrahscasino.com *.wsop.com *.delawarepark.com *.doverdowns.com *.harringtongamingonline.com *.secured-igaming-services.com *.secured-igaming-usa.com *.igaming-services.com *.888.ca *.888casino.ca *.888poker.ca *.888sport.ca *.888.nl *.888casino.nl *.888poker.nl *.888sport.nl *.ar-888-casino.com *.888casino-ar.com *.ar888-casino.com *.arab888-casino.com *.casinoelarab-888.com *.alarab-888casino.com *.casinoalarab-888.com *.888casino-alarab.com *.888casino-arabian.com *.arabian-888casino.com *.888-casino-arabian.com *.888-casino-alarab.com *.ballysdover.com *.888casino-uae.com *.playat888-games.com *.888casino-game.com *.online-arabic-casino.net *.tripleeight.live *.playat888online.com *.888games-uae.com *.triple-eight-games.com *.play-casino-now.com *.888slots-uae.com *.888-uae.com *.mrgreen.de *.mrgreen.se *.mrgreen.com *.mrgreen.dk *.williamhill.com *.williamhill.local *.williamhill-pp2.com *.clevernt.com *.cleverwebserver.com
content-encoding: br
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
date: Sat, 10 Feb 2024 23:03:24 GMT
age: 1429
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-wcs-correlation-id: Qy1RMN2v-KoUrnd6Bi_6_nx5aGzu2OPIlWFqufGZPB09lytOa6caeg==
p3p: CP="Read our privacy policy at http://www.888.com/security-and-privacy/privacy-policy.htm"
alt-svc: h3=":443"; ma=86400
apigw-requestid: S631GiY7joEEPrg=
last-modified: Fri, 08 Sep 2023 07:00:48 GMT
etag: W/"84d24a3222e2d91:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800, must-revalidate
srv: 44301334
x-amz-cf-id: jPdADR7UNWbyVHuBgNk4uu_VdYOBdOzb33-PWQLkAvy0KcrfCv0G5w==

GET
H2 200 MTP-logo-1676371173930.png
images.images4us.com/888Casino_CGP_IT/IT/ 11 KB
11 KB 225ms
115ms Image
image/png 2600:9000:20c3:9600:1d:fa70:cfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.images4us.com/888Casino_CGP_IT/IT/MTP-logo-1676371173930.png
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:9600:1d:fa70:cfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b67caf22a35e8b7e31c5532f83eb8eb21f4530aa87f2d1d18e899f90229a7f28

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 17:03:49 GMT
via: 1.1 7ede51d8c775deaef83b54a3beafab3c.cloudfront.net (CloudFront)
last-modified: Tue, 19 Dec 2023 12:07:29 GMT
x-amz-cf-pop: MUC50-C1
age: 4170165
etag: "fc9b11f07332da1:0"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 11253
x-amz-cf-id: VQOzskGZlP8DzRvqzURDq4qd21fSG7lQISkGWQ0rsxla52Ku2ncSWA==

GET
H2 200 CAM-79195_Mobile-1702915921723.jpg
images.images4us.com/888Casino_CGP_IT/IT/ 113 KB
114 KB 154ms
44ms Image
image/jpeg 2600:9000:20c3:9600:1d:fa70:cfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.images4us.com/888Casino_CGP_IT/IT/CAM-79195_Mobile-1702915921723.jpg
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:9600:1d:fa70:cfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9e8b3363afcd612a7506f936cef4d01befe5055bd08eea10d3fa10afb92d6cf2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:22:22 GMT
via: 1.1 7ede51d8c775deaef83b54a3beafab3c.cloudfront.net (CloudFront)
last-modified: Tue, 19 Dec 2023 12:07:29 GMT
x-amz-cf-pop: MUC50-C1
age: 3830652
etag: "723128f07332da1:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 116075
x-amz-cf-id: 7O14DJGvHOuYjC3LeevVLW7EFNCax4KpNx0zltHt9ciYkUiHoLJ7kg==

GET
H2 200 Sheild%20M2P-1676371601743_tcm1870-569366.png
images.images4us.com/888Casino_CGP_IT/IT/ 8 KB
8 KB 223ms
113ms Image
image/png 2600:9000:20c3:9600:1d:fa70:cfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.images4us.com/888Casino_CGP_IT/IT/Sheild%20M2P-1676371601743_tcm1870-569366.png
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:9600:1d:fa70:cfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b33ecf2f63bc06a6a1a3821ae8442db4501469a36052773edbb1dc62f8f50f72

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 11:34:47 GMT
via: 1.1 7ede51d8c775deaef83b54a3beafab3c.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 09:18:08 GMT
x-amz-cf-pop: MUC50-C1
age: 4708307
etag: "17434ef4122cda1:0"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 8123
x-amz-cf-id: 6iQgbp1RwO-Qg2VRycn8F3I7HlxlhLypIb-qSJcNSRrwwqzgaVVQ8w==

GET
H2 200 sperator_white-1570520089985_tcm1870-465230.png
images.images4us.com/888Casino_CGP_IT/IT/ 109 B
472 B 129ms
112ms Image
image/png 2600:9000:20c3:9600:1d:fa70:cfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.images4us.com/888Casino_CGP_IT/IT/sperator_white-1570520089985_tcm1870-465230.png
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:9600:1d:fa70:cfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 614a7ecd8cb6d55bac91e6f303401707c74632ac69a562e06695d2af4a99a8b5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 17:03:49 GMT
via: 1.1 7ede51d8c775deaef83b54a3beafab3c.cloudfront.net (CloudFront)
last-modified: Tue, 19 Dec 2023 12:07:29 GMT
x-amz-cf-pop: MUC50-C1
age: 4170165
etag: "134117f07332da1:0"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 109
x-amz-cf-id: hU1ARU5-g2yKQPUKnLRIaUQTAFogrdV3Mpv54z0NwJai1YSF4wkz4A==

GET
H2 200 18plus_white-1570520016318_tcm1870-465227.png
images.images4us.com/888Casino_CGP_IT/IT/ 914 B
1 KB 130ms
113ms Image
image/png 2600:9000:20c3:9600:1d:fa70:cfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.images4us.com/888Casino_CGP_IT/IT/18plus_white-1570520016318_tcm1870-465227.png
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:9600:1d:fa70:cfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3d2bc7aaa49060a6767829051bf6b0b7bda6b866abe650a4e56f878d2c0e1f05

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 03:41:35 GMT
via: 1.1 7ede51d8c775deaef83b54a3beafab3c.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 09:18:07 GMT
x-amz-cf-pop: MUC50-C1
age: 5255099
etag: "58342f4122cda1:0"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 914
x-amz-cf-id: _69_L0yHwmkPvs2OL0-Q0sHjSEAW950SPR3qJQ2DlxHFk_MU7IWhSg==

GET
H2 200 IT_responsible-01-1586335583782_tcm1870-479996.png
images.images4us.com/888Casino_CGP_IT/IT/ 15 KB
15 KB 132ms
115ms Image
image/png 2600:9000:20c3:9600:1d:fa70:cfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.images4us.com/888Casino_CGP_IT/IT/IT_responsible-01-1586335583782_tcm1870-479996.png
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:9600:1d:fa70:cfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 273cce10d4a84f96bd90b67a53707554eae4414acd08319040a69413d2aec50e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 17:03:49 GMT
via: 1.1 7ede51d8c775deaef83b54a3beafab3c.cloudfront.net (CloudFront)
last-modified: Tue, 19 Dec 2023 12:07:29 GMT
x-amz-cf-pop: MUC50-C1
age: 4170165
etag: "81751af07332da1:0"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 15454
x-amz-cf-id: ldlEsCYWDEsW2v2PJsajQkV9Ibge1LODuMvF0Larh8tus-ifODj8AQ==

GET
H2 200 lib.js Show response
storage.googleapis.com/cw-prod/ 6 KB
2 KB 63ms
63ms Script
application/javascript 2a00:1450:4001:803::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/cw-prod/lib.js
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1bbc5774cc98b6dc2fd1aeb5da63f94d07fccc2415f0b82e4593ccac15a1993c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:34 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPrsVT--DLTHv5uqFgPvGF1eC4Q7RxfeeM53ByXCBqH7hQfCBbixuPR_rNM-GBQO-2ryzRy0pEerig
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1829
last-modified: Wed, 17 Jan 2024 14:12:39 GMT
server: UploadServer
etag: "500915dfcb6675740922529b611bca65"
x-goog-generation: 1705500759581822
x-goog-hash: crc32c=26+gAg==, md5=UAkV38tmdXQJIlKbYRvKZQ==
content-type: application/javascript
cache-control: no-cache,max-age=0,no-transform
x-goog-stored-content-length: 1829
accept-ranges: bytes
expires: Sat, 10 Feb 2024 23:26:34 GMT

GET
H2 200 6_62a65c9790fa457c7cd2a6c8e3c8ee015be0b0a26586321db2a463d8e297959d_tracking.js Show response
cdn.optimizely.com/public/15304250335/27183480759/ 263 KB
82 KB 108ms
33ms Script
text/javascript 2a02:26f0:3500:889::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/public/15304250335/27183480759/6_62a65c9790fa457c7cd2a6c8e3c8ee015be0b0a26586321db2a463d8e297959d_tracking.js

Requested by

Host: optimizely-edge.com
URL: https://optimizely-edge.com/edge-client/v1/15304250335/27183480759

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:889::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

62a65c9790fa457c7cd2a6c8e3c8ee015be0b0a26586321db2a463d8e297959d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-meta-pci_enabled: True
x-amz-version-id: ncCylZnRd7W6TCvBZGS2OtRtrd6DkHe8
content-encoding: gzip
date: Sat, 10 Feb 2024 23:26:34 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: VKZWZGVEDRG6QRKD
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 6
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, cdn;desc="AkamaiION";dur=0,rtt;desc="27";dur=0,cdnip;desc="2a02:26f0:3500:889::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1707607594721_388276626_512279672_26_1495_27_32_146";dur=1
content-length: 83184
x-amz-id-2: FhrgDXKxMO7k/OHvMnIcahAP6dR2uE/aXYYHwlJ6h1vf1fX2EcGA+MINVoaT5rN0qtTX7AICDns=
last-modified: Fri, 09 Feb 2024 15:58:08 GMT
server: AmazonS3
etag: "79059d71f4ccc6680c78566733628eb0"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 406 KB
118 KB 92ms
33ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PQ2ZJ7J

Requested by

Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

69309f5bc8031790d203c2f734d27b9d7bd1641d429ec3a44cdbc1998bd727fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120386
x-xss-protection: 0
last-modified: Sat, 10 Feb 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 10 Feb 2024 23:26:34 GMT

GET
H2 200 main.js Show response
storage.googleapis.com/cw-prod/ 323 KB
74 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:803::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/cw-prod/main.js
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: dd1437bb9ae563f601761d698b964b1c40b0a3d98c02d14cffad52623d516f61

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:34 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPo9lMJH3B6DnSQcZZBrzRoGSBFh0gd890Me2g0UThkvN_mUugdpNfG73T-wOhMCLa61V3hwS2F_QA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75765
last-modified: Wed, 17 Jan 2024 14:12:40 GMT
server: UploadServer
etag: "3e3108493ed07bb6ca066b2d41c61f26"
x-goog-generation: 1705500760107721
x-goog-hash: crc32c=Z3X8qw==, md5=PjEIST7Qe7bKBmstQcYfJg==
content-type: application/javascript
cache-control: no-cache,max-age=0,no-transform
x-goog-stored-content-length: 75765
accept-ranges: bytes
expires: Sat, 10 Feb 2024 23:26:34 GMT

GET
H2 200 Circle%20M2P%20-1665577612963_tcm1870-569367.png
images.images4us.com/888Casino_CGP_IT/IT/ 17 KB
17 KB 125ms
123ms Image
image/png 2600:9000:20c3:9600:1d:fa70:cfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.images4us.com/888Casino_CGP_IT/IT/Circle%20M2P%20-1665577612963_tcm1870-569367.png
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:9600:1d:fa70:cfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b3f97bdfa28d959d0230309b44783e6717212e102a8c5c4d44c91578c25862fd

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:26:34 GMT
via: 1.1 7ede51d8c775deaef83b54a3beafab3c.cloudfront.net (CloudFront)
last-modified: Tue, 19 Dec 2023 12:07:29 GMT
x-amz-cf-pop: MUC50-C1
age: 2822400
etag: "9def21f07332da1:0"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 17224
x-amz-cf-id: MAopF0PfwFlROWfzOIabI1462CPuLKu6x_QQxPsCfalyLK_NPEdx2A==

GET
H2 200 CAM-79195_Desktop-1702915770009.jpg
images.images4us.com/888Casino_CGP_IT/IT/ 258 KB
259 KB 121ms
121ms Image
image/jpeg 2600:9000:20c3:9600:1d:fa70:cfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.images4us.com/888Casino_CGP_IT/IT/CAM-79195_Desktop-1702915770009.jpg
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:9600:1d:fa70:cfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bf997a14e70bb530fbb1a61bf1b28af8913406c6ae4c30d48d569386e7b6462c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:22:22 GMT
via: 1.1 7ede51d8c775deaef83b54a3beafab3c.cloudfront.net (CloudFront)
last-modified: Tue, 19 Dec 2023 12:07:29 GMT
x-amz-cf-pop: MUC50-C1
age: 3830652
etag: "efd24f07332da1:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 264186
x-amz-cf-id: tupM0hH-lsCkUT4NUTKNFH9UKsx36UEt1W_ElhF-k3imjleHj9xIcw==

GET
H2 200 footer.css
storage.googleapis.com/cw-prod/ 45 KB
7 KB 47ms
46ms Stylesheet
text/css 2a00:1450:4001:803::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/cw-prod/footer.css
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/IT/JS/main-files/acqFullBackground.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3a732d688e5ac8731d92b6e5a1e6410f4832c3916769366c4fc89c1778c20669

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:34 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPowvcUogtWmYQU3vpOCL_ans_DDpY9lvDOA3bSMYydlTdZd04u-8Wt7LH4XC6ta6MGPebFojONudQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7171
last-modified: Wed, 17 Jan 2024 14:12:40 GMT
server: UploadServer
etag: "dd8a42bb4bd2135bdff2899b67be9ff9"
x-goog-generation: 1705500760591733
x-goog-hash: crc32c=fs3eZg==, md5=3YpCu0vSE1vf8ombZ76f+Q==
content-type: text/css
cache-control: no-cache,max-age=0,no-transform
x-goog-stored-content-length: 7171
accept-ranges: bytes
expires: Sat, 10 Feb 2024 23:26:34 GMT

GET
H2 200 it-footer-sprite.png
stage-casino-staticcontent.safe-iplay.com/assets/media/images/acq-full-background-template/ 17 KB
17 KB 142ms
51ms Image
image/png 2600:9000:26db:a800:3:1e5:8ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stage-casino-staticcontent.safe-iplay.com/assets/media/images/acq-full-background-template/it-footer-sprite.png
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/cw-prod/footer.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:a800:3:1e5:8ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d73920a12fff53e1984710d9cd686113e97c8c94e27d73934c42b1705852366

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://storage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 22:58:17 GMT
via: 1.1 667b60dd320c04dc9adf041517122fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 1704
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 17271
last-modified: Tue, 30 Jan 2024 12:32:02 GMT
server: AmazonS3
etag: "caeb3957b66ce7ae1f2614fcf54ed45c"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=3600
accept-ranges: bytes
x-amz-cf-id: 4hztpU7XLy4YJYMyKRebP3-AgkXkqpo_9EgNyJwOG0OCDGtqY625ig==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 71ms
28ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ2ZJ7J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Feb 2024 23:26:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jEXNH7qItSS8Y+G7eM2k2w==
age: 54427
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Fri, 09 Feb 2024 19:39:00 GMT
server: cloudflare
etag: 0x8DC29A6C39FC4B3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d0c130ae-101e-000c-32ce-5bae8b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85381e2c197b5276-MXP

GET
H2 200 b8a61645-5e45-45d1-aa81-aaa0a412824e.json Show response
cdn.cookielaw.org/consent/b8a61645-5e45-45d1-aa81-aaa0a412824e/ 3 KB
2 KB 72ms
35ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b8a61645-5e45-45d1-aa81-aaa0a412824e/b8a61645-5e45-45d1-aa81-aaa0a412824e.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63f5683ffd8a00abe5ffec5d8eea77e76fda44f30973b7a2d2c947691e3eac90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Feb 2024 23:26:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 76560
content-md5: QSm4EkUgUtxPUXRV5//irg==
content-length: 1422
x-ms-lease-status: unlocked
last-modified: Mon, 25 Jul 2022 13:25:35 GMT
server: cloudflare
etag: 0x8DA6E41281B4B07
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 96795725-e01e-006a-0cc6-0be1ab000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85381e2c8fe3ba9d-MXP
expires: Sun, 11 Feb 2024 23:26:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
89 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1YFG8LJ90F&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ2ZJ7J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fc209a18e38dfb9fe76b0c508c0531323238f159feaf6d5d2dacec439c1a3d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90876
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 10 Feb 2024 23:26:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 84ms
26ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ2ZJ7J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 10 Feb 2024 21:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5906
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 10 Feb 2024 23:48:09 GMT

GET
H2 200 ba1424f147c2a.js Show response
t.contentsquare.net/uxa/ 325 KB
76 KB 118ms
41ms Script
application/javascript 99.84.88.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.contentsquare.net/uxa/ba1424f147c2a.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ2ZJ7J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-99.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ee4003ed948bb9824a2cd35fc32c76191d20e488f1420e5554360b8ba2d2468

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 13:26:28 GMT
content-encoding: br
via: 1.1 4ba99d04800d29b58ab9861f60991a2a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 77696
last-modified: Thu, 08 Feb 2024 13:26:22 GMT
server: AmazonS3
etag: "490c93b746e72dc6db20489f1266cb60"
vary: Origin
content-type: application/javascript;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: hZHWmhb-gtnI08_8eJKgu8Jn-pD9E1Kir5RRLsLE8i3XK-iHXkEjbw==

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 249 KB
69 KB 60ms
17ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: gengingairt.com
URL: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c43a4b513b502f760edfc6f05c0c6c08803b38f32e0aebfe47d076535b0e7bee

Request headers

Referer: https://www.888casino.it/
Origin: https://www.888casino.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 22:50:23 GMT
content-encoding: br
age: 2171
x-guploader-uploadid: ABPtcPp6tiNttG7JTRf9OTVSrXRE7UFHJ_PqjyEd2qUygIjHzHOLCQ6NebnZ6yTX9Uc_TElPXGEC8j9MYA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69620
last-modified: Wed, 31 Jan 2024 15:14:47 GMT
server: UploadServer
etag: "78d3d2a47d7b156b9fafba7d72f3355a"
vary: Accept-Encoding
x-goog-generation: 1706714087012800
x-goog-hash: crc32c=8Jgz1A==, md5=eNPSpH17FWufr7p9cvM1Wg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 69620
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 10 Feb 2024 23:50:23 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 69 B
308 B 75ms
31ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.888casino.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 85381e2d1fd70f6e-MXP
access-control-allow-headers: Content-Type

GET
H2 200 web Show response
edge.fullstory.com/s/settings/o-1APZPQ-na1/v1/ 4 KB
2 KB 18ms
17ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/o-1APZPQ-na1/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9e074330ccdd9b155912ea4bea675df2283c8514e33db05edd0ba4f5ae9baf3a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:24:31 GMT
content-encoding: gzip
age: 124
x-guploader-uploadid: ABPtcPoAt7PgVomkDhNbx0VxkK2INxoPALtHAjrIzyYpCodN2vcSEk1MQjdnpeqceZJdS-zsPQE7Ks-gJQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1224
last-modified: Sat, 10 Feb 2024 23:23:38 GMT
server: UploadServer
etag: "5bb9f84faaed01f98cb13212435d7187"
x-goog-generation: 1706713717938362
x-goog-hash: crc32c=pPS5wA==, md5=W7n4T6rtAfmMsTISQ11xhw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1224
accept-ranges: bytes
content-type: application/json
expires: Sat, 10 Feb 2024 23:39:31 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.34.0/ 348 KB
83 KB 25ms
25ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e88dafe889a514ea8b9b07747f53d08b66a473b7caa78645b4aa2167563651e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Feb 2024 23:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ywzctmjVIapkx83Pz3a+AQ==
age: 62525
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 84671
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:35 GMT
server: cloudflare
etag: 0x8DA3822B5C4CCF6
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 24814a3a-201e-0038-4ce6-1d9d43000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85381e2d4b445276-MXP

POST
H2 202 page Show response
rs.fullstory.com/rec/ 78 B
277 B 178ms
139ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

92cfd7867f7de91319906d35b9f6a13497f415a38daf17974256bc5f6404a55c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.888casino.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 10 Feb 2024 23:26:35 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.888casino.it
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78

GET
H2 200 xdframe-single-domain-1.2.0.html Show response
csxd.contentsquare.net/uxa/ Frame 9908 2 KB
1 KB 140ms
33ms Document
text/html 2600:9000:237d:8200:1b:ed91:4680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://csxd.contentsquare.net/uxa/xdframe-single-domain-1.2.0.html?pid=70848
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/ba1424f147c2a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:8200:1b:ed91:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 535feb1335a0a42ed2cd06f68cb63002dbda9d385ecd00fbbc0697ae98c6b32f

Request headers

Referer: https://www.888casino.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 2118502
cache-control: max-age=31536000
content-encoding: gzip
content-type: text/html
date: Wed, 17 Jan 2024 10:58:14 GMT
etag: W/"17303eed7f8afe41b1523ca58723426b"
last-modified: Fri, 04 Aug 2023 17:04:45 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 9f8416bf8a85d328bf3649469ef2a474.cloudfront.net (CloudFront)
x-amz-cf-id: T0K03W2K1UztudwjRpIXSr_TuDsI4K675KwQrJFyB_WexRgxABPeHw==
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
BLOB 200
OK 861881a0-5bb3-4910-9edf-8d961bd03413
https://www.888casino.it/ 7 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.888casino.it/861881a0-5bb3-4910-9edf-8d961bd03413
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d959f985f144d73bf7e483dc5b5027417eb785966a53fb8b1378979c43d6f90

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 7329
Content-Type: application/javascript

GET
H2 200 it.json Show response
cdn.cookielaw.org/consent/b8a61645-5e45-45d1-aa81-aaa0a412824e/6451f36f-d3de-4feb-938f-4a21c97a5ed7/ 67 KB
16 KB 35ms
35ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b8a61645-5e45-45d1-aa81-aaa0a412824e/6451f36f-d3de-4feb-938f-4a21c97a5ed7/it.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a32df32f80914320eb97da78b55e3e219882d7f88f489e62d21b5855d7fa4b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Feb 2024 23:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 66715
content-md5: YA/g4a872t9EfSL+WcX8Lw==
content-length: 16292
x-ms-lease-status: unlocked
last-modified: Mon, 25 Jul 2022 13:25:36 GMT
server: cloudflare
etag: 0x8DA6E4128A8D140
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c08460e8-f01e-0059-54e7-1dbe00000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85381e2d995aba9d-MXP
expires: Sun, 11 Feb 2024 23:26:35 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 32ms
32ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1118712003&t=pageview&_s=1&dl=https%3A%2F%2Fwww.888casino.it%2Fofferta-speciale%2Fred-door.htm%3Futm_campaign%3D100138643_1842791_nodescription%26utm_content%3D100138643%26utm_medium%3Dcasap%26utm_source%3Daff&ul=en-us&de=UTF-8&dt=Gioca%20su%20888casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAICAAIg~&cid=501879057.1707607595&tid=UA-183049889-3&_gid=1051256086.1707607595&_slc=1&gtm=45He4270n81PQ2ZJ7Jv832208706za200&cd1=1842791&cd6=0&cd7=anon&cd9=https%3A%2F%2Fwww.888casino.it%2Fofferta-speciale%2Fred-door.htm&cd10=0&cd11=false&cd12=0&cd13=Bingo%20CD%20-%20N%2FA&cd14=0&cd15=Bingo%20CD%20-%20N%2FA&cd17=0&cd18=0&cd19=0&cd20=Bingo%20CD%20-%20N%2FA&cd21=Bingo%20CD%20-%20N%2FA&cd26=0&cd27=GTM-PQ2ZJ7J&gcs=G101&gcd=13q3v3q3q5&dma_cps=-&dma=1&npa=1&z=1769695227

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.888casino.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 23:26:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.888casino.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect Show response
analytics.888casino.it/g/ 65 B
531 B 120ms
62ms XHR
text/plain 216.239.38.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.888casino.it/g/collect?v=2&tid=G-1YFG8LJ90F&gtm=45je4270v897577087z8832208706za200&_p=1707607594658&gcs=G101&gcd=13q3v3q3q5&npa=1&dma_cps=-&dma=1&cid=501879057.1707607595&ul=en-us&sr=1600x1200&_fplc=0&ur=IT-25&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=denied&sst.uc=IT&sst.rnd=2031711550.1707607595&sst.gse=1&sst.etld=google.it&sst.gcsub=region1&sst.gcd=13q3v3q3q5&sst.tft=1707607594658&_s=1&sid=1707607594&sct=1&seg=0&dl=https%3A%2F%2Fwww.888casino.it%2Fofferta-speciale%2Fred-door.htm%3Futm_campaign%3D100138643_1842791_nodescription%26utm_content%3D100138643%26utm_medium%3Dcasap%26utm_source%3Daff&dt=Gioca%20su%20888casino&en=page_view&_fv=1&_ss=1&epn.serial=1842791&epn.subBrandId=46&ep.environment=production&ep.userStatus=Anonymous&ep.isFTD=false&ep.isNative=false&ep.country=ita&epn.timestamp_micros=1707607594936&tfd=1095&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1YFG8LJ90F&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2615.1e100.net

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:26:35 GMT
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://www.888casino.it
cache-control: no-cache
access-control-allow-credentials: true
x-accel-buffering: no
expires: Sat, 10 Feb 2024 23:26:35 GMT

GET
H2 200 otFloatingRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.34.0/assets/ 10 KB
3 KB 27ms
27ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/otFloatingRounded.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b2a793c91a6b4893ca1934faa1738d3fea531ba0f7bfbb4180c0abc7ccb6930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Feb 2024 23:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: GnBP1Tj0YWr4Qdbm7JUdUA==
age: 69231
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2586
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:25 GMT
server: cloudflare
etag: 0x8DA3822AFC3B334
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: db1241b2-d01e-0061-7f46-141ac0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85381e2df9e5ba9d-MXP

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.34.0/assets/v2/ 49 KB
12 KB 26ms
26ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/v2/otPcPanel.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa2a533259add5c6153cd3812130ed56ccecf82d5e0c3b44ad661e3722a3ad16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Feb 2024 23:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: hpvDwHPbzfRabRITP+pUfw==
age: 61305
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11724
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:28 GMT
server: cloudflare
etag: 0x8DA3822B15824D7
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a5b0c6a7-b01e-0067-2199-13297f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85381e2df9e6ba9d-MXP

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.34.0/assets/ 21 KB
4 KB 27ms
27ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/otCommonStyles.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Feb 2024 23:26:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: /wtHD+oYY7dZRzCx50GZrQ==
age: 60648
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: eeca4071-b01e-0048-0f72-2224b4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85381e2df9e7ba9d-MXP

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 25ms
25ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1118712003&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.888casino.it%2Fofferta-speciale%2Fred-door.htm%3Futm_campaign%3D100138643_1842791_nodescription%26utm_content%3D100138643%26utm_medium%3Dcasap%26utm_source%3Daff&ul=en-us&de=UTF-8&dt=Gioca%20su%20888casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=undefined&ea=undefined&_u=aEDAAEABEAAAICAAIg~&cid=501879057.1707607595&tid=UA-183049889-3&_gid=1051256086.1707607595&gtm=45He4270n81PQ2ZJ7Jv832208706za200&cd1=1842791&cd6=0&cd7=anon&cd9=https%3A%2F%2Fwww.888casino.it%2Fofferta-speciale%2Fred-door.htm&cd10=0&cd11=false&cd12=0&cd13=Bingo%20CD%20-%20N%2FA&cd14=0&cd15=Bingo%20CD%20-%20N%2FA&cd17=0&cd18=0&cd19=0&cd20=Bingo%20CD%20-%20N%2FA&cd21=Bingo%20CD%20-%20N%2FA&cd26=0&cd27=GTM-PQ2ZJ7J&gcs=G101&gcd=13q3v3q3q5&dma_cps=-&dma=1&npa=1&z=165203646

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 13:33:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35598
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 3 KB
2 KB 33ms
33ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Feb 2024 23:26:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: LpuayL42jB78xRllx0vkOw==
age: 76453
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 07:31:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: da3c00a7-801e-0031-3625-5bd890000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85381e2e3c695276-MXP

GET
H2 204 pageview
c.az.contentsquare.net/ 0
272 B 214ms
47ms Image
text/plain 51.104.148.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.az.contentsquare.net/pageview?ex=&pvt=n&cvars=%7B%221%22%3A%5B%22subBrandId%22%2C%2246%22%5D%7D&cvarp=%7B%221%22%3A%5B%22subBrandId%22%2C%2246%22%5D%7D&la=en-US&uc=1&url=https%3A%2F%2Fwww.888casino.it%2Fofferta-speciale%2Fred-door.htm%3Futm_campaign%3D100138643_1842791_nodescription%26utm_content%3D100138643%26utm_medium%3Dcasap%26utm_source%3Daff&dr=&dw=1600&dh=1517&ww=1600&wh=1200&sw=1600&sh=1200&uu=a2de0508-22d3-a530-d222-a5babad6deb4&sn=1&hd=1707607595&v=13.85.0&pid=70848&pn=1&r=953286
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.104.148.203 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 23:26:35 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 dvar
c.az.contentsquare.net/ 0
19 B 207ms
47ms Image
text/plain 51.104.148.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.az.contentsquare.net/dvar?v=13.85.0&pid=70848&pn=1&sn=1&uu=a2de0508-22d3-a530-d222-a5babad6deb4&dv=H4sIAAAAAAAAAw2KOQ6AMAzA%2FpKZgQLi2hAzUx%2BAoragDk2qHgNC%2FJ1stuUXDmd9DbCCwYwRGtBck3ES8LpEdwwR%2FU0SVNuqfh6H%2FlTz0E2LOomtyyb5WDyTzDW7pAuWmmXfiOkJLPz99P1dH2cAAAA%3D&ct=2&r=133272
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.104.148.203 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 23:26:35 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gengingairt.com/	1970-01-21 03:05:43	Name: OAID Value: 2fac9f39745588a5e88a327e76d53bff
gengingairt.com/	1970-01-21 03:05:43	Name: oaidts Value: 1707607593
my.rtmark.net/	1970-01-21 03:05:43	Name: ID Value: 812e6b4fc7b642bf915e1c418dafeeca
gengingairt.com/	1970-01-21 03:56:07	Name: syncedCookie Value: true
gengingairt.com/	1970-01-20 18:20:11	Name: reverse Value: OGcgv_8iAXAxf83Vk9GOmGXmqZfodClFJ_iReOarSh8
gengingairt.com/	1970-01-20 18:20:07	Name: prefetchAd_4662728 Value: true
ic.aff-handler.com/	1970-01-20 19:03:19	Name: uffiliate_click_48365_1842791_ Value: uffiliate_click_48365_1842791_
.888casino.it/	1970-01-20 18:20:08	Name: 888Attribution Value: 1
.888casino.it/	1970-01-20 18:30:12	Name: 888Cookie Value: isftd%3Dfalse%26isHybrid%3Dfalse%26isreal%3Dfalse%26lang%3Dit%26OSR%3D1842791
.888casino.it/	1970-01-20 18:30:12	Name: 888TestData Value: %7B%22queryserial%22%3A%221842791%22%2C%22mm_id%22%3A%2248365%22%2C%22utm_source%22%3A%22aff%22%2C%22utm_medium%22%3A%22casap%22%2C%22utm_content%22%3A%22100138643%22%2C%22utm_campaign%22%3A%22100138643_1842791_nodescription%22%2C%22orig-lp%22%3A%22https%3A%2F%2Fwww.888casino.it%2Fofferta-speciale%2Fred-door.htm%22%2C%22substrategy%22%3A%22CasapStrategy%22%2C%22currentvisittype%22%3A%22Paid%22%2C%22strategy%22%3A%22ValidSerialInQueryParam%22%2C%22strategysource%22%3A%22currentvisit%22%2C%22datecreated%22%3A%222024-02-10T23%3A26%3A34.601Z%22%2C%22expiredat%22%3A%22Sat%2C%2017%20Feb%202024%2023%3A26%3A00%20GMT%22%7D
.888casino.it/	1970-01-20 22:39:19	Name: optimizelyEndUserId Value: oeu1707607594621r0.2054049269364051
.888casino.it/	1970-01-20 18:21:33	Name: _gid Value: GA1.2.1051256086.1707607595
.888casino.it/	1970-01-21 03:56:07	Name: _ga_1YFG8LJ90F Value: GS1.1.1707607594.1.0.1707607594.0.0.0
.888casino.it/	1970-01-21 03:56:07	Name: _ga Value: GA1.2.501879057.1707607595
.888casino.it/	1970-01-21 03:41:43	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sun+Feb+11+2024+00%3A26%3A35+GMT%2B0100+(Central+European+Standard+Time)&version=6.34.0&isIABGlobal=false&hosts=&consentId=68856f1f-fc10-4eac-a7de-68a0373e4d7d&interactionCount=0&landingPath=https%3A%2F%2Fwww.888casino.it%2Fofferta-speciale%2Fred-door.htm%3Futm_campaign%3D100138643_1842791_nodescription%26utm_content%3D100138643%26utm_medium%3Dcasap%26utm_source%3Daff&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A0
.888casino.it/	1970-01-21 03:49:31	Name: _cs_c Value: 1
.888casino.it/	1970-01-21 03:49:31	Name: _cs_id Value: a2de0508-22d3-a530-d222-a5babad6deb4.1707607595.1.1707607595.1707607595.1707287576.1741771595277.1
.888casino.it/	1970-01-20 18:20:09	Name: _cs_s Value: 1.0.0.1707609395277
.csxd.contentsquare.net/	1970-01-21 03:49:31	Name: _cs_id___70848 Value: a2de0508-22d3-a530-d222-a5babad6deb4.1707607595.1.1707607595.1707607595.1707287576.1741771595277.1
.csxd.contentsquare.net/	1970-01-20 18:20:09	Name: _cs_s___70848 Value: 1.0.0.1707609395277
.888casino.it/	1970-01-21 03:56:07	Name: FPID Value: FPID2.2.bBXI1H9um7mcF5h7DQ0gehpWCH9WM2Ap3f9JVbTaZBc%3D.1707607595
.888casino.it/	1970-01-20 18:21:19	Name: FPLC Value: %2FKvVRYz1%2BOP5s4kdXIBo7FMA%2BXvi7TW4QlgbWTvQtoExDYr7klsXtEpfrUg%2FsphvgMb%2B6nxREep0cNI50hIT6Vthzufj6ibt7vmNxuTACat2hEK30FZA6mWimmYQ%2Fg%3D%3D

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60&rdc=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gengingairt.com/?s=780278157952692846&ssk=4da7a5496ac4f5356e893a5aacfa08de&svar=1707596328&z=6757935&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Rome&bto=-60&rdc=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.888casino.it
c.az.contentsquare.net
cdn.cookielaw.org
cdn.optimizely.com
csxd.contentsquare.net
edge.fullstory.com
gengingairt.com
geolocation.onetrust.com
ic.aff-handler.com
images.images4us.com
jouteetu.net
my.rtmark.net
optimizely-edge.com
rs.fullstory.com
stage-casino-staticcontent.safe-iplay.com
storage.googleapis.com
t.contentsquare.net
www.888casino.it
www.google-analytics.com
www.googletagmanager.com
108.138.36.13
139.45.195.8
139.45.197.251
172.64.134.23
216.239.38.21
217.147.127.42
2600:9000:20c3:9600:1d:fa70:cfc0:93a1
2600:9000:237d:8200:1b:ed91:4680:93a1
2600:9000:26db:a800:3:1e5:8ac0:93a1
2606:4700:4400::ac40:9b77
2606:4700::6812:82ec
2606:4700::6812:a658
2a00:1450:4001:803::201b
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2008
2a02:26f0:3500:889::13b8
34.102.137.201
35.186.194.58
35.201.112.186
51.104.148.203
99.84.88.99
09b5c454afe402d5402cfcd8870d51b1c688ae218ac2ca737aa9e7c84dc42eec
0f5103d82f2fe4fbee1718d1d0b3691c91d4dcb2200d1ca122fe0d21132b5171
1bbc5774cc98b6dc2fd1aeb5da63f94d07fccc2415f0b82e4593ccac15a1993c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d959f985f144d73bf7e483dc5b5027417eb785966a53fb8b1378979c43d6f90
273cce10d4a84f96bd90b67a53707554eae4414acd08319040a69413d2aec50e
2ee4003ed948bb9824a2cd35fc32c76191d20e488f1420e5554360b8ba2d2468
3a732d688e5ac8731d92b6e5a1e6410f4832c3916769366c4fc89c1778c20669
3d2bc7aaa49060a6767829051bf6b0b7bda6b866abe650a4e56f878d2c0e1f05
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4ce5af480456e2978b8d22739996e6e5851c78707c298e39b74298d957f7300c
535feb1335a0a42ed2cd06f68cb63002dbda9d385ecd00fbbc0697ae98c6b32f
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
578b1c088a7fc405c93cb177a00a8c9a325cc1b4ee85e663dd1a9dc46808645e
59c03690d9953d678c6dd6be59f077ed8d97a35f68782255fb5d8ceedf53a206
5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc
5c044369ca8856f06581f763d01a0394980980a470cfb7a284d4bba62d8463d2
5cff5adf94024a5e101b3793aaf73bddf85416835e2eede9346400453d6f9389
614a7ecd8cb6d55bac91e6f303401707c74632ac69a562e06695d2af4a99a8b5
62a65c9790fa457c7cd2a6c8e3c8ee015be0b0a26586321db2a463d8e297959d
63f5683ffd8a00abe5ffec5d8eea77e76fda44f30973b7a2d2c947691e3eac90
69309f5bc8031790d203c2f734d27b9d7bd1641d429ec3a44cdbc1998bd727fd
6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679
6b2a793c91a6b4893ca1934faa1738d3fea531ba0f7bfbb4180c0abc7ccb6930
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a32df32f80914320eb97da78b55e3e219882d7f88f489e62d21b5855d7fa4b3
8d73920a12fff53e1984710d9cd686113e97c8c94e27d73934c42b1705852366
92cfd7867f7de91319906d35b9f6a13497f415a38daf17974256bc5f6404a55c
9e074330ccdd9b155912ea4bea675df2283c8514e33db05edd0ba4f5ae9baf3a
9e8b3363afcd612a7506f936cef4d01befe5055bd08eea10d3fa10afb92d6cf2
a4ae2ca870f291908824e0219901f52db08880fa6911e1acb234fd2dd6bae36f
b23530a4d5c362f622fa45bd5cb727b04ba6a969d3de2ecac4fe494d2bae87a6
b33ecf2f63bc06a6a1a3821ae8442db4501469a36052773edbb1dc62f8f50f72
b3cc520b32db55dce4fc3c1da2431c2180fbbb2196b62f4f7c1cccd90a79294b
b3f97bdfa28d959d0230309b44783e6717212e102a8c5c4d44c91578c25862fd
b67caf22a35e8b7e31c5532f83eb8eb21f4530aa87f2d1d18e899f90229a7f28
beb5d5c355e3e579230fc9fe80f1358048351b58bab6e66a7a857d368c40793d
bf997a14e70bb530fbb1a61bf1b28af8913406c6ae4c30d48d569386e7b6462c
c43a4b513b502f760edfc6f05c0c6c08803b38f32e0aebfe47d076535b0e7bee
c9a4406ced5bdf6c486444220af580dd9f8e937d7e5cb6628d864178c349c4bc
ced7e277aebb0f282b15005b6ce447ab5ac586e15aca88ab825d29983993b402
d1b491c8a5f8ee06d20b8e484f5d574ee73cf503a7f00dba13892df4a846e7ae
d79bafaa63c3bd4315a6541c4b286d595656af88798efdd2a3b50a3e7e9f7bfd
dd1437bb9ae563f601761d698b964b1c40b0a3d98c02d14cffad52623d516f61
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e88dafe889a514ea8b9b07747f53d08b66a473b7caa78645b4aa2167563651e7
fa2a533259add5c6153cd3812130ed56ccecf82d5e0c3b44ad661e3722a3ad16
fc209a18e38dfb9fe76b0c508c0531323238f159feaf6d5d2dacec439c1a3d05

www.888casino.it Open in urlscan Pro 108.138.36.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

99 %HTTPS

48 %IPv6

16 Domains

20 Subdomains

20 IPs

5 Countries

1255 kBTransfer

3282 kBSize

22 Cookies

7 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.888casino.it Open in urlscan Pro
108.138.36.13 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

99 %
HTTPS

48 %
IPv6

16
Domains

20
Subdomains

20
IPs

5
Countries

1255 kB
Transfer

3282 kB
Size

22
Cookies

79 HTTP transactions
2 data transactions