p185689.myckdom.com Open in urlscan Pro
52.117.247.211 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.casinos.mn/cabaret-club-casino-arvostelu/
Effective URL:
https://p185689.myckdom.com/adServe/domainClick?ai=8t_YSst-khTvLqXqTCUONVUZl22rLbr1U46zJ0O_-GD-nhE1ILDbb6HqcP8ztjOFo17Oq_C2Y...
Submission: On July 28 via manual (July 28th 2023, 1:36:35 pm UTC) from US — Scanned from PT

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 47 HTTP transactions. The main IP is 52.117.247.211, located in and belongs to . The main domain is p185689.myckdom.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 20th 2023. Valid for: a year.

This is the only time p185689.myckdom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	185.139.162.37 185.139.162.37	203298 (WINGTOP) (WINGTOP)
3	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
10	216.58.212.142 216.58.212.142	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
4	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
1	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
1	172.217.23.118 172.217.23.118	15169 (GOOGLE) (GOOGLE)
1	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
1	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
1 1	185.107.56.54 185.107.56.54	() ()
1 2	52.117.247.211 52.117.247.211	() ()
47	12

20 185.139.162.37 (Sweden)

ASN203298 (WINGTOP, SE)

www.casinos.mn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
casinos.mn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.212.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f10.1e100.net

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.118 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.107.56.54 (None, ) 1 redirects

ASN- ()

www.wow-robotics.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.117.247.211 (None, ) 1 redirects

ASN- ()

myckdom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p185689.myckdom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	casinos.mn www.casinos.mn casinos.mn	263 KB
10	youtube.com www.youtube.com — Cisco Umbrella Rank: 92 Failed	962 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 277	31 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	51 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 static.doubleclick.net — Cisco Umbrella Rank: 322	1 KB
2	myckdom.com 1 redirects myckdom.com p185689.myckdom.com	741 B
1	wow-robotics.xyz 1 redirects www.wow-robotics.xyz	1 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 248	1 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 122	36 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3	15 KB
47	10

	Domain	Requested by
17	www.casinos.mn	www.casinos.mn
10	www.youtube.com	www.casinos.mn www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
3	fonts.gstatic.com	www.casinos.mn www.youtube.com
3	casinos.mn	www.casinos.mn
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
1	p185689.myckdom.com	www.casinos.mn
1	myckdom.com	1 redirects
1	www.wow-robotics.xyz	1 redirects
1	www.gstatic.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
47	14

This site contains no links.

Subject Issuer	Validity	Valid
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.myckdom.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-03-20`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://p185689.myckdom.com/adServe/domainClick?ai=8t_YSst-khTvLqXqTCUONVUZl22rLbr1U46zJ0O_-GD-nhE1ILDbb6HqcP8ztjOFo17Oq_C2YYrRRwpQIqQBs1xHBdfbyL_T8R3-Lf5i2Nw1RhEP6v1HQqlBf36KwrBMv73_L9KsAsUPdhGn3_C1PnzMxTSW33E-llpg4FhZfxSp-9E1ErW-wSHAqYiFAxRBh2YkvkGSXBrr2iPLc49PEYSqtsHB64WQjTg2hoIQsPvZIRkIcTbIs8VITNE5BIDx63V2gH-SXW02DI6RgW6gWVE_VEqSqib4vsB0iuJvaA4l_jIE1GWrF0-cSEhrDbOxEkcnN0O_o7n7N9RLydVTTh8VzEnRK1KGnazT_fgIBNS4dnN5JBOCTIW_9plALkDivgUM53Dzny0iZs55fPbhlVFjRcsj7Dbq1aOuLzwF6DpmidZ79W2X0diAbtp9NeTI&ui=tmxvfbadWlmQoFHyRsWD6FY37AsT2Aew6S7gT6OG4UMyDpLRzpxdY9FGRPu0-qZIK3fPymWpRQd0i5QO3eZs5Xw1EuhU59Ulk28RAZYmbFST5zS9ro7S6w&si=1&oref=fb3bef0beb1a7c8513abcc01253a4bd2&optunit=hY-uC7RfwEIK7ekdAQLwPmWSQsQHXjql&rb=Z-3VHHfg0Tk&rr=0&abtg=0
Frame ID: C4A63B07F5F7E0D58A4DF5BBE20C8EC6
Requests: 22 HTTP requests in this frame

Frame: https://www.youtube.com/embed/iWMOans7bqs
Frame ID: 833620190FD4D38BAE18EF32630F79C9
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/iWMOans7bqs
Frame ID: 14A683F9C42E66723B15C3393E6D5106
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.casinos.mn/cabaret-club-casino-arvostelu/ Page URL
https://www.wow-robotics.xyz/ HTTP 302
https://myckdom.com/aS/feedclick?s=tmxvfbadWlmQoFHyRsWD6K3dDnCBF-q5H1iTQpVoGyYgBfwrXRI2ZZ1B-kb1v... HTTP 302
https://p185689.myckdom.com/adServe/domainClick?ai=8t_YSst-khTvLqXqTCUONVUZl22rLbr1U46zJ0O_-GD-nhE1ILDbb... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

47
Requests

49 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

12
IPs

2
Countries

1360 kB
Transfer

4214 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.casinos.mn/cabaret-club-casino-arvostelu/ Page URL
https://www.wow-robotics.xyz/ HTTP 302
https://myckdom.com/aS/feedclick?s=tmxvfbadWlmQoFHyRsWD6K3dDnCBF-q5H1iTQpVoGyYgBfwrXRI2ZZ1B-kb1vwChg2RvEwrk2eqQ6BMJcmqdpP5PY7DAm2XxlGTWJnIp7dGzHX4g97662Pb5np8cxJs0YFos_XX7JtPGVWViaJip_hogB25Y-eBDEusi3xb2xwXJkx8-IBhMzoftXq9p2HNtxZPG8C8uik6GaTHa52gC7iA8mAa47e3K5pjr__48YcAy7q9IBW-QQPP4r_EqWEPQj2m61XtWou5WKkaMucQLk2HIMN7l_l_5TX1X-3MlfzuRzN1dCcoT_c-zzGQNxU307wOcvNA3cXfYIs1SmQwfsQrZc8EkmvQzZ2TSDMADTdCRAUk_Fxzjs84xBhuwRM5EA6dzAPCT6LGSOwvWUCIB3eebgYqXJhX6W4jsxzBhvFKkOUIfOHpWa_9SdS9vn6peXfTW7LG8VPf2CmnhhA-2SjV8rCzTmExbBZNHrlk_hwePS0NkmHZOrVAorylpCOGF5CBMxBsq4iNxFjW6eenYUt17pVqe9vvR_9EZs6XmXBV7rVQhisrbxUHCK4tSYsXO4CvWIAayZX_RAHbP59QKgcoLmIkrNohykhWW-ua4wtmJL5pGTB_CR8ALHJPZMYL6Q4b1vR6fZ-2hApL-3LplD2dF4ha8E1OIgSb9iQD94VL_FiJE5VNPMOGuLH0pwwmUFUFmHW-N2zbAxak9cXfoCRQZFvaYObi4D6b7_2pk7UpYe8hR1gxV1QY_-NbjvS4VDeJRLPN-Z7OuEj721hgIGWwLa8m6bpjbdFN7qNHvHF7WalHH9QBBXfsCEA8qKm9EoktBgCOuugiCBSo2_b3bvSrlaLYbElpUkjnwLt4PORPDdDpcyZV8NhfYYLGEuV-gTQzrHw3SZv-7r186QhErEEMMdQL726pWrtg5Yuugvl7nAA319rQT5Ud6a0Dn6eNJC2fnSXp7Np_xHf4t_mLY3DVGEQ_q_UdCqUF_forCsEwy5By3yS0DOASfel2cZKhCkdMDsrP1-j3iYqdNQvLa15CBN6w_2GHEYNEdYbi5ZYgJcbCgfywccgzFgxHCKxLJbhQpVcshSAOragiVpSF7j4l4po_srV7CCYXHFyN-XaNaNGUFq_Mhn055gZV-wDaTC3oCEBI89nStvnc-9i1SSYti_uAjrFnU5SD-abU_6WI4ESHntSL8EniIJnsgDQK_6dvks-IpfDVfRxZBBllIvgc4zdKtLAXgr-hX3J8NNQFhKdM9GLFYQt-_H-q4zbybOVviKU9uOjARbmHrb2YosLAPQY8jw8f1NgyOkYFuoFmaq9lh1Fx6s404NoaCELD7hgvZ3MvVwzb3QC4zB9LcAb1GVBAb_dBQYAVQXNWfJatXfZyBoTcdfZLOy8EfefpO-f_S7XznC2UD2l9U8IUbNExyG31_u-rOpHv1SsG4onV4iCZ7IA0Cv4arYQs297O6ZZJCxAdeOqU HTTP 302
https://p185689.myckdom.com/adServe/domainClick?ai=8t_YSst-khTvLqXqTCUONVUZl22rLbr1U46zJ0O_-GD-nhE1ILDbb6HqcP8ztjOFo17Oq_C2YYrRRwpQIqQBs1xHBdfbyL_T8R3-Lf5i2Nw1RhEP6v1HQqlBf36KwrBMv73_L9KsAsUPdhGn3_C1PnzMxTSW33E-llpg4FhZfxSp-9E1ErW-wSHAqYiFAxRBh2YkvkGSXBrr2iPLc49PEYSqtsHB64WQjTg2hoIQsPvZIRkIcTbIs8VITNE5BIDx63V2gH-SXW02DI6RgW6gWVE_VEqSqib4vsB0iuJvaA4l_jIE1GWrF0-cSEhrDbOxEkcnN0O_o7n7N9RLydVTTh8VzEnRK1KGnazT_fgIBNS4dnN5JBOCTIW_9plALkDivgUM53Dzny0iZs55fPbhlVFjRcsj7Dbq1aOuLzwF6DpmidZ79W2X0diAbtp9NeTI&ui=tmxvfbadWlmQoFHyRsWD6FY37AsT2Aew6S7gT6OG4UMyDpLRzpxdY9FGRPu0-qZIK3fPymWpRQd0i5QO3eZs5Xw1EuhU59Ulk28RAZYmbFST5zS9ro7S6w&si=1&oref=fb3bef0beb1a7c8513abcc01253a4bd2&optunit=hY-uC7RfwEIK7ekdAQLwPmWSQsQHXjql&rb=Z-3VHHfg0Tk&rr=0&abtg=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

47 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
www.casinos.mn/cabaret-club-casino-arvostelu/ 156 KB
29 KB 11365ms
11320ms Document
text/html 185.139.162.37
WINGTOP

General

Check archive.org

Show headers Download Go to

Full URL

http://www.casinos.mn/cabaret-club-casino-arvostelu/

Protocol

HTTP/1.1

Server

185.139.162.37 , Sweden, ASN203298 (WINGTOP, SE),

Reverse DNS

Software

Apache /

Resource Hash

3924ce6678ecbcd0655d6806c7495c55bca3a4f01e6413fedb697ef26598271a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 29289
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 Jul 2023 13:36:18 GMT
Keep-Alive: timeout=5, max=150
Link: <http://www.casinos.mn/wp-json/>; rel="https://api.w.org/", <http://www.casinos.mn/wp-json/wp/v2/posts/12>; rel="alternate"; type="application/json", <http://www.casinos.mn/?p=12>; rel=shortlink
Permissions-Policy: accelerometer=(self), autoplay=(self), camera=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self)
Referrer-Policy: origin-when-cross-origin
Server: Apache
Strict-Transport-Security: max-age=2592000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-XSS-Protection: 1

GET
H/1.1 200
OK style.min.css
www.casinos.mn/wp-includes/css/dist/block-library/ 95 KB
13 KB 219ms
175ms Stylesheet
text/css 185.139.162.37
WINGTOP

General

Check archive.org

Show headers Download Go to

Full URL: http://www.casinos.mn/wp-includes/css/dist/block-library/style.min.css?ver=3f978c7fa0ef6c431febbc38c9a612ae
Requested by: Host: www.casinos.mn
URL: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Protocol: HTTP/1.1
Server: 185.139.162.37 , Sweden, ASN203298 (WINGTOP, SE),
Reverse DNS
Software: Apache /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: http://www.casinos.mn/cabaret-club-casino-arvostelu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 13:36:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Apr 2023 12:17:51 GMT
Server: Apache
ETag: "17ced-5f86d8c3734b0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=150
Content-Length: 12736

GET
H/1.1 200
OK wpautoterms.css
www.casinos.mn/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/ 547 B
515 B 216ms
172ms Stylesheet
text/css 185.139.162.37
WINGTOP

General

Check archive.org

Show headers Download Go to

Full URL: http://www.casinos.mn/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=3f978c7fa0ef6c431febbc38c9a612ae
Requested by: Host: www.casinos.mn
URL: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Protocol: HTTP/1.1
Server: 185.139.162.37 , Sweden, ASN203298 (WINGTOP, SE),
Reverse DNS
Software: Apache /
Resource Hash: 2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: http://www.casinos.mn/cabaret-club-casino-arvostelu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 13:36:28 GMT
Content-Encoding: gzip
Last-Modified: Sat, 26 Nov 2022 09:10:15 GMT
Server: Apache
ETag: "223-5ee5c01a05248-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=150
Content-Length: 195

GET
H/1.1 200
OK jquery.min.js Show response
www.casinos.mn/wp-includes/js/jquery/ 88 KB
31 KB 224ms
179ms Script
application/javascript 185.139.162.37
WINGTOP

General

Check archive.org

Show headers Download Go to

Full URL: http://www.casinos.mn/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: www.casinos.mn
URL: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Protocol: HTTP/1.1
Server: 185.139.162.37 , Sweden, ASN203298 (WINGTOP, SE),
Reverse DNS
Software: Apache /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: http://www.casinos.mn/cabaret-club-casino-arvostelu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 13:36:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Apr 2023 12:17:50 GMT
Server: Apache
ETag: "15ed7-5f86d8c356f8e-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=150
Content-Length: 31049

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.casinos.mn/wp-includes/js/jquery/ 13 KB
5 KB 221ms
177ms Script
application/javascript 185.139.162.37
WINGTOP

General

Check archive.org

Show headers Download Go to

Full URL: http://www.casinos.mn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: www.casinos.mn
URL: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Protocol: HTTP/1.1
Server: 185.139.162.37 , Sweden, ASN203298 (WINGTOP, SE),
Reverse DNS
Software: Apache /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: http://www.casinos.mn/cabaret-club-casino-arvostelu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 13:36:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Apr 2023 12:17:50 GMT
Server: Apache
ETag: "3470-5f86d8c35310e-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=150
Content-Length: 4795

GET
H/1.1 200
OK wp-polyfill-inert.min.js Show response
www.casinos.mn/wp-includes/js/dist/vendor/ 8 KB
3 KB 222ms
177ms Script
application/javascript 185.139.162.37
WINGTOP

General

Check archive.org

Show headers Download Go to

Full URL: http://www.casinos.mn/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: www.casinos.mn
URL: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Protocol: HTTP/1.1
Server: 185.139.162.37 , Sweden, ASN203298 (WINGTOP, SE),
Reverse DNS
Software: Apache /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: http://www.casinos.mn/cabaret-club-casino-arvostelu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 13:36:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Apr 2023 12:17:51 GMT
Server: Apache
ETag: "1feb-5f86d8c360bce-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=150
Content-Length: 2484

GET
H/1.1 200
OK regenerator-runtime.min.js Show response
www.casinos.mn/wp-includes/js/dist/vendor/ 6 KB
3 KB 219ms
109ms Script
application/javascript 185.139.162.37
WINGTOP

General

Check archive.org

Show headers Download Go to

Full URL: http://www.casinos.mn/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by: Host: www.casinos.mn
URL: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Protocol: HTTP/1.1
Server: 185.139.162.37 , Sweden, ASN203298 (WINGTOP, SE),
Reverse DNS
Software: Apache /
Resource Hash: 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: http://www.casinos.mn/cabaret-club-casino-arvostelu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 13:36:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Apr 2023 12:17:51 GMT
Server: Apache
ETag: "19cf-5f86d8c360bce-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=148
Content-Length: 2499

GET
H/1.1 200
OK wp-polyfill.min.js Show response
www.casinos.mn/wp-includes/js/dist/vendor/ 17 KB
7 KB 254ms
109ms Script
application/javascript 185.139.162.37
WINGTOP

General

Check archive.org

Show headers Download Go to

Full URL: http://www.casinos.mn/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.casinos.mn
URL: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Protocol: HTTP/1.1
Server: 185.139.162.37 , Sweden, ASN203298 (WINGTOP, SE),
Reverse DNS
Software: Apache /
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: http://www.casinos.mn/cabaret-club-casino-arvostelu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 13:36:28 GMT
Content-Encoding: gzip
Last-Modified: Sat, 26 Nov 2022 09:32:53 GMT
Server: Apache
ETag: "459f-5ee5c528ecf4b-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=149
Content-Length: 6532

GET
H/1.1 200
OK dom-ready.min.js Show response
www.casinos.mn/wp-includes/js/dist/ 498 B
665 B 301ms
109ms Script
application/javascript 185.139.162.37
WINGTOP

General

Check archive.org

Show headers Download Go to

Full URL: http://www.casinos.mn/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
Requested by: Host: www.casinos.mn
URL: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Protocol: HTTP/1.1
Server: 185.139.162.37 , Sweden, ASN203298 (WINGTOP, SE),
Reverse DNS
Software: Apache /
Resource Hash: 166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: http://www.casinos.mn/cabaret-club-casino-arvostelu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 13:36:28 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jul 2022 05:12:39 GMT
Server: Apache
ETag: "1f2-5e2b76f676b76-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=149
Content-Length: 331

GET
H/1.1 200
OK base.js Show response
www.casinos.mn/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/ 720 B
621 B 339ms
114ms Script
application/javascript 185.139.162.37
WINGTOP

General

Check archive.org

Show headers Download Go to

Full URL: http://www.casinos.mn/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.5.0
Requested by: Host: www.casinos.mn
URL: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Protocol: HTTP/1.1
Server: 185.139.162.37 , Sweden, ASN203298 (WINGTOP, SE),
Reverse DNS
Software: Apache /
Resource Hash: f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: http://www.casinos.mn/cabaret-club-casino-arvostelu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 13:36:28 GMT
Content-Encoding: gzip
Last-Modified: Sat, 26 Nov 2022 09:10:15 GMT
Server: Apache
ETag: "2d0-5ee5c019f3906-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=147
Content-Length: 287

GET
H/1.1 200
OK et-divi-customizer-global.min.css
www.casinos.mn/wp-content/et-cache/global/ 3 KB
1 KB 110ms
109ms Stylesheet
text/css 185.139.162.37
WINGTOP

General

Check archive.org

Show headers Download Go to

Full URL: http://www.casinos.mn/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1683628369
Requested by: Host: www.casinos.mn
URL: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Protocol: HTTP/1.1
Server: 185.139.162.37 , Sweden, ASN203298 (WINGTOP, SE),
Reverse DNS
Software: Apache /
Resource Hash: 2832ead8f13ea927b717cf8d1060d57926e0b9de9892c2647032427970d01e8e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: http://www.casinos.mn/cabaret-club-casino-arvostelu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 13:36:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 May 2023 10:32:49 GMT
Server: Apache
ETag: "b02-5fb4046e55726-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=149
Content-Length: 795

GET
H/1.1 200
OK Capture.png
casinos.mn/wp-content/uploads/2016/10/ 4 KB
4 KB 217ms
172ms Image
image/png 185.139.162.37
WINGTOP

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://casinos.mn/wp-content/uploads/2016/10/Capture.png
Requested by: Host: www.casinos.mn
URL: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Protocol: HTTP/1.1
Server: 185.139.162.37 , Sweden, ASN203298 (WINGTOP, SE),
Reverse DNS
Software: Apache /
Resource Hash: 0c99479310af9481a2ce38b18a46223d189e702dda2a9afc4ea9cf2150b14e84

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: http://www.casinos.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 13:36:29 GMT
Last-Modified: Thu, 20 Oct 2016 05:11:41 GMT
Server: Apache
ETag: "ec2-53f44f5fedd40"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=150
Content-Length: 3778

GET
H/1.1 200
OK cabaret-club-casino-1.jpg
www.casinos.mn/wp-content/uploads/2016/10/ 63 KB
63 KB 110ms
109ms Image
image/jpeg 185.139.162.37
WINGTOP

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.casinos.mn/wp-content/uploads/2016/10/cabaret-club-casino-1.jpg
Requested by: Host: www.casinos.mn
URL: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Protocol: HTTP/1.1
Server: 185.139.162.37 , Sweden, ASN203298 (WINGTOP, SE),
Reverse DNS
Software: Apache /
Resource Hash: 6bbc0524430f4927ac6edd2ba81ac3b5d33a077300081246e20f5d8f768190a0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: http://www.casinos.mn/cabaret-club-casino-arvostelu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 13:36:28 GMT
Last-Modified: Sun, 12 Jul 2020 04:18:30 GMT
Server: Apache
ETag: "fc6e-5aa36ddd5ec53"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=148
Content-Length: 64622

GET
H/1.1 200
OK images-150x140.jpg
casinos.mn/wp-content/uploads/2016/10/ 8 KB
8 KB 224ms
173ms Image
image/jpeg 185.139.162.37
WINGTOP

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://casinos.mn/wp-content/uploads/2016/10/images-150x140.jpg
Requested by: Host: www.casinos.mn
URL: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Protocol: HTTP/1.1
Server: 185.139.162.37 , Sweden, ASN203298 (WINGTOP, SE),
Reverse DNS
Software: Apache /
Resource Hash: 579ee53c1f69fff5f57d7551cf0500b9233a0092e541c3282e093cd2a1515338

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: http://www.casinos.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 13:36:29 GMT
Last-Modified: Wed, 19 Oct 2016 09:29:00 GMT
Server: Apache
ETag: "2027-53f347063ef00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=150
Content-Length: 8231

GET
H/1.1 200
OK scripts.min.js Show response
www.casinos.mn/wp-content/themes/Divi/js/ 268 KB
69 KB 121ms
118ms Script
application/javascript 185.139.162.37
WINGTOP

General

Check archive.org

Show headers Download Go to

Full URL: http://www.casinos.mn/wp-content/themes/Divi/js/scripts.min.js?ver=4.21.1
Requested by: Host: www.casinos.mn
URL: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Protocol: HTTP/1.1
Server: 185.139.162.37 , Sweden, ASN203298 (WINGTOP, SE),
Reverse DNS
Software: Apache /
Resource Hash: ce0fba73135b78cdb43aaf2b57313570e3b98caadc21d30dcad5cc7211b839c4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: http://www.casinos.mn/cabaret-club-casino-arvostelu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 13:36:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jul 2023 05:41:43 GMT
Server: Apache
ETag: "42f72-6013511c6628f-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=149

GET
H/1.1 200
OK jquery.fitvids.js Show response
www.casinos.mn/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 3 KB
2 KB 113ms
113ms Script
application/javascript 185.139.162.37
WINGTOP

General

Check archive.org

Show headers Download Go to

Full URL: http://www.casinos.mn/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.21.0
Requested by: Host: www.casinos.mn
URL: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Protocol: HTTP/1.1
Server: 185.139.162.37 , Sweden, ASN203298 (WINGTOP, SE),
Reverse DNS
Software: Apache /
Resource Hash: 462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: http://www.casinos.mn/cabaret-club-casino-arvostelu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 13:36:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jul 2023 05:41:44 GMT
Server: Apache
ETag: "d15-6013511d0557f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=146
Content-Length: 1341

GET
H/1.1 200
OK common.js Show response
www.casinos.mn/wp-content/themes/Divi/core/admin/js/ 1 KB
900 B 111ms
111ms Script
application/javascript 185.139.162.37
WINGTOP

General

Check archive.org

Show headers Download Go to

Full URL: http://www.casinos.mn/wp-content/themes/Divi/core/admin/js/common.js?ver=4.21.0
Requested by: Host: www.casinos.mn
URL: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Protocol: HTTP/1.1
Server: 185.139.162.37 , Sweden, ASN203298 (WINGTOP, SE),
Reverse DNS
Software: Apache /
Resource Hash: 1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: http://www.casinos.mn/cabaret-club-casino-arvostelu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 13:36:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jul 2023 05:41:43 GMT
Server: Apache
ETag: "53f-6013511c4300b-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=148
Content-Length: 566

GET
H2 200 esDR31xSG-6AGleN2tukkA.woff2
fonts.gstatic.com/s/abeezee/v22/ 17 KB
18 KB 249ms
79ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/abeezee/v22/esDR31xSG-6AGleN2tukkA.woff2

Requested by

Host: www.casinos.mn
URL: http://www.casinos.mn/cabaret-club-casino-arvostelu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

cc0770f5a2d562ea5334bed0b1bc9b487903997c8087e9690c2ba132ff219987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.casinos.mn/
Origin: http://www.casinos.mn
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 21:30:19 GMT
x-content-type-options: nosniff
age: 489970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17860
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:45:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 21:30:19 GMT

GET
H/1.1 200
OK modules.woff
www.casinos.mn/wp-content/themes/Divi/core/admin/fonts/modules/base/ 6 KB
6 KB 126ms
125ms Font
application/font-woff 185.139.162.37
WINGTOP

General

Check archive.org

Show headers Download Go to

Full URL: http://www.casinos.mn/wp-content/themes/Divi/core/admin/fonts/modules/base/modules.woff
Requested by: Host: www.casinos.mn
URL: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Protocol: HTTP/1.1
Server: 185.139.162.37 , Sweden, ASN203298 (WINGTOP, SE),
Reverse DNS
Software: Apache /
Resource Hash: 4c8864d71ebc87c2fbb4c3a2f74693f7b4869575aae806b90e5c8fe0dc0cea7f

Request headers

Referer: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Origin: http://www.casinos.mn
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 13:36:29 GMT
Last-Modified: Mon, 24 Jul 2023 05:41:43 GMT
Server: Apache
ETag: "18a0-6013511c558ed"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=149
Content-Length: 6304

GET iWMOans7bqs
www.youtube.com/embed/ Frame 8336 0
0

GET
H/1.1 200
OK download-300x132.jpg
www.casinos.mn/wp-content/uploads/2016/10/ 12 KB
12 KB 112ms
112ms Image
image/jpeg 185.139.162.37
WINGTOP

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.casinos.mn/wp-content/uploads/2016/10/download-300x132.jpg
Requested by: Host: www.casinos.mn
URL: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Protocol: HTTP/1.1
Server: 185.139.162.37 , Sweden, ASN203298 (WINGTOP, SE),
Reverse DNS
Software: Apache /
Resource Hash: 6f70b60c7e654e679670fb2ee7515a958dc528a9f7ad4b36fbb36cb5423df18f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: http://www.casinos.mn/cabaret-club-casino-arvostelu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 13:36:29 GMT
Last-Modified: Wed, 19 Oct 2016 09:28:58 GMT
Server: Apache
ETag: "30e0-53f3470456a80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=149
Content-Length: 12512

GET
H2 200 iWMOans7bqs Show response
www.youtube.com/embed/ Frame 14A6 78 KB
33 KB 233ms
233ms Document
text/html 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/iWMOans7bqs

Requested by

Host: www.casinos.mn
URL: http://www.casinos.mn/wp-includes/js/jquery/jquery.min.js?ver=3.6.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f14.1e100.net

Software

ESF /

Resource Hash

314d62b81542c2cdd90285ba1b16040a3581f78ce64833e667f9981965de4bab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.casinos.mn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce--jo_3rOCq_xi39iTIzUctA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 13:36:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=pt-PT for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 www-player.css
www.youtube.com/s/player/0e6aaa83/ Frame 14A6 378 KB
47 KB 85ms
84ms Stylesheet
text/css 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e6aaa83/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iWMOans7bqs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f14.1e100.net

Software

sffe /

Resource Hash

1e661ba04912a7c8b856cc3326eec59d54402e18872a3cc73a86fd6d4b86cf31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.youtube.com/embed/iWMOans7bqs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21022
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48028
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 23:37:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 27 Jul 2024 07:46:07 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 14A6 15 KB
15 KB 90ms
89ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iWMOans7bqs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 09:40:06 GMT
x-content-type-options: nosniff
age: 186983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jul 2024 09:40:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 14A6 15 KB
15 KB 83ms
83ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iWMOans7bqs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:23:37 GMT
x-content-type-options: nosniff
age: 234772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jul 2024 20:23:37 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/0e6aaa83/www-embed-player.vflset/ Frame 14A6 311 KB
93 KB 83ms
82ms Script
text/javascript 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e6aaa83/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iWMOans7bqs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f14.1e100.net

Software

sffe /

Resource Hash

66c1d81678b55bce491d7ec9fc67db808459b3eaa5aa8339170295fa921cbd88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.youtube.com/embed/iWMOans7bqs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 13:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 795
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95340
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 23:37:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 27 Jul 2024 13:23:14 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/0e6aaa83/player_ias.vflset/pt_PT/ Frame 14A6 2 MB
745 KB 129ms
129ms Script
text/javascript 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e6aaa83/player_ias.vflset/pt_PT/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iWMOans7bqs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f14.1e100.net

Software

sffe /

Resource Hash

7158fafc2e760fffb06de90f3257c9958e879ed89fbcbc7806e3c58effacc610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.youtube.com/embed/iWMOans7bqs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 03:37:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122313
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 762190
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 23:37:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 26 Jul 2024 03:37:56 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/0e6aaa83/fetch-polyfill.vflset/ Frame 14A6 9 KB
3 KB 128ms
128ms Script
text/javascript 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e6aaa83/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iWMOans7bqs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f14.1e100.net

Software

sffe /

Resource Hash

ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.youtube.com/embed/iWMOans7bqs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 10:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10232
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2625
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 23:37:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 27 Jul 2024 10:45:57 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 14A6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

91ms
89ms

XHR
application/json

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iWMOans7bqs

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

5fe7dacb7da23e0120c288ce71ced5bf23e9abd94fb3dead213eaad72cf02a1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 13:36:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 28 Jul 2023 13:36:30 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 14A6 29 B
495 B 272ms
98ms Script
text/javascript 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e6aaa83/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 13:27:57 GMT
x-content-type-options: nosniff
age: 513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Jul 2023 13:42:57 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 273ms
90ms Preflight
text/html 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 28 Jul 2023 13:36:30 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 14A6 68 KB
31 KB 99ms
98ms XHR
application/json+protobuf 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e6aaa83/player_ias.vflset/pt_PT/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

ESF /

Resource Hash

0dd9b41c2811853938e372acd9d11070d6d9c9cf928c98c53edf2158aea93163

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 28 Jul 2023 13:36:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31812
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/0e6aaa83/player_ias.vflset/pt_PT/ Frame 14A6 116 KB
33 KB 82ms
82ms Script
text/javascript 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e6aaa83/player_ias.vflset/pt_PT/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e6aaa83/player_ias.vflset/pt_PT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f14.1e100.net

Software

sffe /

Resource Hash

aba10ed5403f0a0cd5bf738e70a348a60c947532c3baac91e4f202caadc38913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.youtube.com/embed/iWMOans7bqs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 03:47:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 208120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33636
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 23:37:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 25 Jul 2024 03:47:49 GMT

GET
H2 200 8BnCbiliH-guui2Vq9aW8FXO5FubzhIHYOs_9ZPSwW0.js Show response
www.google.com/js/th/ Frame 14A6 37 KB
15 KB 291ms
81ms Script
text/javascript 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/8BnCbiliH-guui2Vq9aW8FXO5FubzhIHYOs_9ZPSwW0.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e6aaa83/player_ias.vflset/pt_PT/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

sffe /

Resource Hash

f019c26e29621fe82eba2d95abd696f055cee45b9bce120760eb3ff593d2c16d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 06:30:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 457549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14611
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Jul 2024 06:30:41 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/iWMOans7bqs/ Frame 14A6 35 KB
36 KB 346ms
159ms Image
image/jpeg 172.217.23.118
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/iWMOans7bqs/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iWMOans7bqs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.118 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f22.1e100.net

Software

sffe /

Resource Hash

7c693e91bdc7ce6998538ff78ecf7eae9278d72d5eaadf6503711bc1802dd60f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 13:36:30 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36041
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 28 Jul 2023 15:36:30 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/0e6aaa83/player_ias.vflset/pt_PT/ Frame 14A6 28 KB
8 KB 81ms
81ms Script
text/javascript 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e6aaa83/player_ias.vflset/pt_PT/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e6aaa83/player_ias.vflset/pt_PT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f14.1e100.net

Software

sffe /

Resource Hash

2b5fbfc6e0dc12c29abcc582a38c579882d496d97215c971959b427bf6c65f80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.youtube.com/embed/iWMOans7bqs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8134
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 23:37:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 27 Jul 2024 11:06:02 GMT

GET
DATA 200
OK truncated
/ Frame 14A6 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AOPolaTDGqJZiBvI4mhxzu-G1u9tvAIrMSaKLbqG7w=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 14A6 1 KB
1 KB 2910ms
2733ms Image
image/jpeg 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AOPolaTDGqJZiBvI4mhxzu-G1u9tvAIrMSaKLbqG7w=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iWMOans7bqs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

fife /

Resource Hash

90c4cc12d93ff8c775faef7190d52061028b01dd8c8d58441e6d8f8749f6a805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 13:36:32 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1104
x-xss-protection: 0
expires: Sat, 29 Jul 2023 13:36:32 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 14A6 4 KB
2 KB 333ms
127ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e6aaa83/player_ias.vflset/pt_PT/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 13:36:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jul 2023 13:36:30 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 14A6 0
10 B 87ms
87ms Image
text/plain 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?caFUnQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/iWMOans7bqs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s46-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.youtube.com/embed/iWMOans7bqs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 13:36:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 88ms
88ms Preflight
text/html 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 28 Jul 2023 13:36:30 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 14A6 94 B
138 B 92ms
92ms XHR
application/json+protobuf 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e6aaa83/player_ias.vflset/pt_PT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

ESF /

Resource Hash

8731791890a48d0f92889e7721a0a1ccefe3997d6d0617e86ffc8a34afddcbfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 28 Jul 2023 13:36:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 14A6 28 B
54 B 99ms
95ms XHR
application/json 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e6aaa83/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Request-Time: 1690551391801
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/iWMOans7bqs
X-YouTube-Client-Version: 1.20230723.00.01
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtnMFgzSWtiR0RpRSjdiI-mBg%3D%3D
X-YouTube-Ad-Signals: dt=1690551389578&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C795%2C447&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 28 Jul 2023 13:36:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 28 Jul 2023 13:36:31 GMT

GET
H2

200

Primary Request domainClick
p185689.myckdom.com/adServe/
Redirect Chain

https://www.wow-robotics.xyz/
https://myckdom.com/aS/feedclick?s=tmxvfbadWlmQoFHyRsWD6K3dDnCBF-q5H1iTQpVoGyYgBfwrXRI2ZZ1B-kb1vwChg2RvEwrk2eqQ6BMJcmqdpP5PY7DAm2XxlGTWJnIp7dGzHX4g97662Pb5np8cxJs0YFos_XX7JtPGVWViaJip_hogB25Y-eBDEu...
https://p185689.myckdom.com/adServe/domainClick?ai=8t_YSst-khTvLqXqTCUONVUZl22rLbr1U46zJ0O_-GD-nhE1ILDbb6HqcP8ztjOFo17Oq_C2YYrRRwpQIqQBs1xHBdfbyL_T8R3-Lf5i2Nw1RhEP6v1HQqlBf36KwrBMv73_L9KsAsUPdhGn3_...

289 B
0

199ms
192ms

Document
text/html

52.117.247.211

General

Check archive.org

Show headers Download Go to

Full URL: https://p185689.myckdom.com/adServe/domainClick?ai=8t_YSst-khTvLqXqTCUONVUZl22rLbr1U46zJ0O_-GD-nhE1ILDbb6HqcP8ztjOFo17Oq_C2YYrRRwpQIqQBs1xHBdfbyL_T8R3-Lf5i2Nw1RhEP6v1HQqlBf36KwrBMv73_L9KsAsUPdhGn3_C1PnzMxTSW33E-llpg4FhZfxSp-9E1ErW-wSHAqYiFAxRBh2YkvkGSXBrr2iPLc49PEYSqtsHB64WQjTg2hoIQsPvZIRkIcTbIs8VITNE5BIDx63V2gH-SXW02DI6RgW6gWVE_VEqSqib4vsB0iuJvaA4l_jIE1GWrF0-cSEhrDbOxEkcnN0O_o7n7N9RLydVTTh8VzEnRK1KGnazT_fgIBNS4dnN5JBOCTIW_9plALkDivgUM53Dzny0iZs55fPbhlVFjRcsj7Dbq1aOuLzwF6DpmidZ79W2X0diAbtp9NeTI&ui=tmxvfbadWlmQoFHyRsWD6FY37AsT2Aew6S7gT6OG4UMyDpLRzpxdY9FGRPu0-qZIK3fPymWpRQd0i5QO3eZs5Xw1EuhU59Ulk28RAZYmbFST5zS9ro7S6w&si=1&oref=fb3bef0beb1a7c8513abcc01253a4bd2&optunit=hY-uC7RfwEIK7ekdAQLwPmWSQsQHXjql&rb=Z-3VHHfg0Tk&rr=0&abtg=0
Requested by: Host: www.casinos.mn
URL: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.117.247.211 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://www.casinos.mn/cabaret-club-casino-arvostelu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Fri, 28 Jul 2023 13:36:35 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

content-length: 0
date: Fri, 28 Jul 2023 13:36:35 GMT
location: https://p185689.myckdom.com/adServe/domainClick?ai=8t_YSst-khTvLqXqTCUONVUZl22rLbr1U46zJ0O_-GD-nhE1ILDbb6HqcP8ztjOFo17Oq_C2YYrRRwpQIqQBs1xHBdfbyL_T8R3-Lf5i2Nw1RhEP6v1HQqlBf36KwrBMv73_L9KsAsUPdhGn3_C1PnzMxTSW33E-llpg4FhZfxSp-9E1ErW-wSHAqYiFAxRBh2YkvkGSXBrr2iPLc49PEYSqtsHB64WQjTg2hoIQsPvZIRkIcTbIs8VITNE5BIDx63V2gH-SXW02DI6RgW6gWVE_VEqSqib4vsB0iuJvaA4l_jIE1GWrF0-cSEhrDbOxEkcnN0O_o7n7N9RLydVTTh8VzEnRK1KGnazT_fgIBNS4dnN5JBOCTIW_9plALkDivgUM53Dzny0iZs55fPbhlVFjRcsj7Dbq1aOuLzwF6DpmidZ79W2X0diAbtp9NeTI&ui=tmxvfbadWlmQoFHyRsWD6FY37AsT2Aew6S7gT6OG4UMyDpLRzpxdY9FGRPu0-qZIK3fPymWpRQd0i5QO3eZs5Xw1EuhU59Ulk28RAZYmbFST5zS9ro7S6w&si=1&oref=fb3bef0beb1a7c8513abcc01253a4bd2&optunit=hY-uC7RfwEIK7ekdAQLwPmWSQsQHXjql&rb=Z-3VHHfg0Tk&rr=0&abtg=0
server: nginx

POST
H3 200 log_event
www.youtube.com/youtubei/v1/ Frame 14A6 28 B
54 B 95ms
94ms XHR
application/json 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e6aaa83/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Request-Time: 1690551392873
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/iWMOans7bqs
X-YouTube-Client-Version: 1.20230723.00.01
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtnMFgzSWtiR0RpRSjdiI-mBg%3D%3D
X-YouTube-Ad-Signals: dt=1690551389578&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C795%2C447&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 28 Jul 2023 13:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 28 Jul 2023 13:36:32 GMT

GET
H/1.1 200
OK Capture.png
casinos.mn/wp-content/uploads/2016/10/ 4 KB
4 KB 113ms
113ms Image
image/png 185.139.162.37
WINGTOP

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://casinos.mn/wp-content/uploads/2016/10/Capture.png
Protocol: HTTP/1.1
Server: 185.139.162.37 , Sweden, ASN203298 (WINGTOP, SE),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: http://www.casinos.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 13:36:32 GMT
Last-Modified: Thu, 20 Oct 2016 05:11:41 GMT
Server: Apache
ETag: "ec2-53f44f5fedd40"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=149
Content-Length: 3778

POST atr
www.youtube.com/api/stats/ Frame 14A6 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame 14A6 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/iWMOans7bqs

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=6gm5Jk6BlQkEiqM6&ver=2&cmt=0&fs=0&rt=0&euri=http%3A%2F%2Fwww.casinos.mn%2F&lact=5858&cl=551026372&mos=0&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20230723.00.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=pt_PT&cr=GB&len=196&fexp=23858057%2C23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24208765%2C24366065%2C24373977%2C24380193%2C24380264%2C24415864%2C24439361%2C24488210%2C24528734%2C24543041%2C24543667%2C24543669%2C24544702%2C24559327%2C51000316&muted=0&docid=iWMOans7bqs

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 7R2RAbgboE8
.youtube.com/	1970-01-20 17:55:03	Name: VISITOR_INFO1_LIVE Value: g0X3IkbGDiE
www.casinos.mn/	1970-01-20 22:21:27	Name: ppkcookie Value: un

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

casinos.mn
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
myckdom.com
p185689.myckdom.com
static.doubleclick.net
www.casinos.mn
www.google.com
www.gstatic.com
www.wow-robotics.xyz
www.youtube.com
yt3.ggpht.com
www.youtube.com
142.250.181.227
142.250.184.227
142.250.184.228
142.250.185.66
142.250.186.161
172.217.16.198
172.217.18.10
172.217.23.118
185.107.56.54
185.139.162.37
216.58.212.142
52.117.247.211
0c99479310af9481a2ce38b18a46223d189e702dda2a9afc4ea9cf2150b14e84
0dd9b41c2811853938e372acd9d11070d6d9c9cf928c98c53edf2158aea93163
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
1e661ba04912a7c8b856cc3326eec59d54402e18872a3cc73a86fd6d4b86cf31
2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76
2832ead8f13ea927b717cf8d1060d57926e0b9de9892c2647032427970d01e8e
2b5fbfc6e0dc12c29abcc582a38c579882d496d97215c971959b427bf6c65f80
314d62b81542c2cdd90285ba1b16040a3581f78ce64833e667f9981965de4bab
3924ce6678ecbcd0655d6806c7495c55bca3a4f01e6413fedb697ef26598271a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
4c8864d71ebc87c2fbb4c3a2f74693f7b4869575aae806b90e5c8fe0dc0cea7f
579ee53c1f69fff5f57d7551cf0500b9233a0092e541c3282e093cd2a1515338
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fe7dacb7da23e0120c288ce71ced5bf23e9abd94fb3dead213eaad72cf02a1c
66c1d81678b55bce491d7ec9fc67db808459b3eaa5aa8339170295fa921cbd88
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
6bbc0524430f4927ac6edd2ba81ac3b5d33a077300081246e20f5d8f768190a0
6f70b60c7e654e679670fb2ee7515a958dc528a9f7ad4b36fbb36cb5423df18f
7158fafc2e760fffb06de90f3257c9958e879ed89fbcbc7806e3c58effacc610
7c693e91bdc7ce6998538ff78ecf7eae9278d72d5eaadf6503711bc1802dd60f
8731791890a48d0f92889e7721a0a1ccefe3997d6d0617e86ffc8a34afddcbfb
90c4cc12d93ff8c775faef7190d52061028b01dd8c8d58441e6d8f8749f6a805
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
aba10ed5403f0a0cd5bf738e70a348a60c947532c3baac91e4f202caadc38913
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
cc0770f5a2d562ea5334bed0b1bc9b487903997c8087e9690c2ba132ff219987
ce0fba73135b78cdb43aaf2b57313570e3b98caadc21d30dcad5cc7211b839c4
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f019c26e29621fe82eba2d95abd696f055cee45b9bce120760eb3ff593d2c16d
f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db

p185689.myckdom.com Open in urlscan Pro 52.117.247.211 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

49 %HTTPS

0 %IPv6

10 Domains

14 Subdomains

12 IPs

2 Countries

1360 kBTransfer

4214 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

p185689.myckdom.com Open in urlscan Pro
52.117.247.211 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

49 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

12
IPs

2
Countries

1360 kB
Transfer

4214 kB
Size

3
Cookies

47 HTTP transactions
1 data transactions