www.ganarcasinos.es Open in urlscan Pro
2606:4700:3033::681c:8ee Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3oeAxTS
Effective URL:
https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html
Submission: On October 29 via api (October 29th 2020, 3:22:55 pm UTC) from IE

Summary HTTP 23 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3033::681c:8ee, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ganarcasinos.es.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 17th 2020. Valid for: a year.

This is the only time www.ganarcasinos.es was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
11	2606:4700:303... 2606:4700:3033::681c:8ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	40.90.137.127 40.90.137.127	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	152.199.23.37 152.199.23.37	15133 (EDGECAST) (EDGECAST)
23	3

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3033::681c:8ee (United States)

ASN13335 (CLOUDFLARENET, US)

www.ganarcasinos.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.90.137.127 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 152.199.23.37 (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	msftauth.net aadcdn.msftauth.net	158 KB
11	ganarcasinos.es www.ganarcasinos.es	77 KB
1	live.com login.live.com
1	bit.ly 1 redirects bit.ly	301 B
23	4

	Domain	Requested by
11	aadcdn.msftauth.net	www.ganarcasinos.es
11	www.ganarcasinos.es	www.ganarcasinos.es aadcdn.msftauth.net
1	login.live.com	www.ganarcasinos.es
1	bit.ly	1 redirects
23	4

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
login.microsoftonline.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-17` - `2021-08-17`	a year	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2020-10-07` - `2021-10-07`	a year	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2020-07-09` - `2021-07-09`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html
Frame ID: 11AC7D779774D9E71B6E6BA85BD493BD
Requests: 22 HTTP requests in this frame

Frame: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/Sign%20in%20to%20Outlook_files/prefetch.html
Frame ID: 6235A4552EB84CA9D893ECF1C3D8C477
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/3oeAxTS HTTP 301
https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

23
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

235 kB
Transfer

917 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/en-US/servicesagreement/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-US/privacystatement
Title: Privacy & cookies

Search URL Search Domain Scan URL

URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=32a00b97-c962-48ee-997a-4a341c06e672&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=637365470913850890.c29e8aab-84c0-4f53-9f09-81e9370b93e4&state=DctBEoAgCEBRrOk4JAYKHEcd3bbs-rF4f_cTAJzhCIkioI2VWxUlL2yVzOmejy_rfaDJJJRdGX2To5XlrDScl6R4r_x-Pf8&sso_reload=true
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3oeAxTS HTTP 301
https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.html Show response www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/ Redirect Chain https://bit.ly/3oeAxTS https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html	617 KB 68 KB	236ms 172ms	Document text/html	2606:4700:3033::681c:8ee CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:8ee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5578596ce95396295cb835cfb4c45a3aceef2c156a2f2aa5eff1686bae3b2d37` Request headers :method GET :authority www.ganarcasinos.es :scheme https :path /wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Thu, 29 Oct 2020 15:22:38 GMT content-type text/html set-cookie __cfduid=d13b07bf980d38a66a9312211c465e2ec1603984958; expires=Sat, 28-Nov-20 15:22:38 GMT; path=/; domain=.ganarcasinos.es; HttpOnly; SameSite=Lax last-modified Sun, 27 Sep 2020 08:35:56 GMT vary Accept-Encoding expires Sat, 28 Nov 2020 15:22:38 GMT cache-control max-age=2592000 cf-cache-status DYNAMIC cf-request-id 06168d3a6f000016f2af8a7000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rW65N81twK%2FjVBlLR4mB7MEEwyKv6Ihy2j3scfo7sOZZ8AZWMZlscVjJ1Mi9UU6YOpBsiliRKivnNMEsyrVkuglf8eL5dt%2BEIGcIkQkFSBfeowBZx0v%2B0qz3ecQ3eikU"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 5e9de4a3e94a16f2-FRA content-encoding br Redirect headers status 301 server nginx date Thu, 29 Oct 2020 15:22:37 GMT content-type text/html; charset=utf-8 content-length 182 cache-control private, max-age=90 content-security-policy referrer always; location https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html referrer-policy unsafe-url set-cookie _bit=k9tfmB-cb93847957790c35f6-00A; Domain=bit.ly; Expires=Tue, 27 Apr 2021 15:22:37 GMT via 1.1 google alt-svc clear
GET H2	200	Me.htm login.live.com/	0 0	359ms 119ms	Other text/html	40.90.137.127 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://login.live.com/Me.htm?v=3 Requested by Host: www.ganarcasinos.es URL: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.90.137.127 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	404	OldConvergedLogin_PCore_kHhxXOwRKOBKL9wP7RdDrw2.js www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/Sign%20in%20to%20Outlook_files/	0 0	437ms 436ms	Script text/html	2606:4700:3033::681c:8ee CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/Sign%20in%20to%20Outlook_files/OldConvergedLogin_PCore_kHhxXOwRKOBKL9wP7RdDrw2.js Requested by Host: www.ganarcasinos.es URL: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:8ee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://www.ganarcasinos.es Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 29 Oct 2020 15:22:38 GMT content-encoding br cf-cache-status EXPIRED nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eT2ClHb0ZPAb3ACTz3LBup9BDJdIRIHCkkZOdovdoEIOTHqXz6C7%2BdOiJZJGlJglWkNMie%2BHRN5kB53SIQABp%2BPlT8wBYoEva9Tczb3aXxBdNPWWnnlhRIASnLSMNQzo"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 5e9de4a57d2616f2-FRA cf-request-id 06168d3b6b000016f2ad0cb000000001
GET H2	200	53_8b36337037cff88c3df203bb73d58e41.png www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/AyuhgXvfhSjfjMSN_files/	5 KB 5 KB	469ms 469ms	Image image/png	2606:4700:3033::681c:8ee CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/AyuhgXvfhSjfjMSN_files/53_8b36337037cff88c3df203bb73d58e41.png Requested by Host: www.ganarcasinos.es URL: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:8ee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898` Request headers Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 29 Oct 2020 15:22:39 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} status 200 content-length 5139 cf-request-id 06168d3cd1000016f2b4bef000000001 last-modified Thu, 24 Sep 2020 06:25:20 GMT server cloudflare etag "5f6c3bd0-1413" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZdBLdcnfTWiPs%2BeM8wA3SqrDSWhM62K2QGWHVZxyYP819pz156B2gpm4smgBEYiYOKaBiFsWl42uMU2cXFdaefhK91j5AtmIKwFuuF9cgzpnvCh6Wo2nZ3bU5Byl13KC"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 5e9de4a7bb3316f2-FRA expires Sat, 28 Nov 2020 14:30:27 GMT
GET H2	200	microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/AyuhgXvfhSjfjMSN_files/	4 KB 2 KB	424ms 424ms	Image image/svg+xml	2606:4700:3033::681c:8ee CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/AyuhgXvfhSjfjMSN_files/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg Requested by Host: www.ganarcasinos.es URL: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:8ee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a` Request headers Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 29 Oct 2020 15:22:39 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} status 200 cf-request-id 06168d3d21000016f26e2d3000000001 last-modified Thu, 24 Sep 2020 06:25:20 GMT server cloudflare etag W/"5f6c3bd0-e43" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NEUCqAg9f%2FBttJ1B8SUwceDr66MUDfItE%2F6ULUIuGWEKTSeeQdyqR6W6%2F%2BFDIByk7vHQBRFJNm91h2OzDviqp2hi7MOU5nRQ7pVcwC5eyoMK71TSaxtxrHH3zeoewxK0"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=2592000 cf-ray 5e9de4a83c6e16f2-FRA expires Sat, 28 Nov 2020 14:30:27 GMT
GET H2	404	ellipsis_white_5ac590ee72bfe06a7cecfd75b588ad73.svg www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/Sign%20in%20to%20Outlook_files/	281 B 281 B	456ms 453ms	Image text/html	2606:4700:3033::681c:8ee CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/Sign%20in%20to%20Outlook_files/ellipsis_white_5ac590ee72bfe06a7cecfd75b588ad73.svg Requested by Host: www.ganarcasinos.es URL: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:8ee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `60c5c833f0add113a7812ef76fa6a5e176810453bf0e8d5c6bfd4dd3eb9eb148` Request headers Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 29 Oct 2020 15:22:39 GMT content-encoding br cf-cache-status EXPIRED nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WUTxDPTH5VEnSID%2BzcAqwg%2B82elO%2BJ%2BwQm3tUiURHEg9piSDeHmJSQNCJ8fxOQgy12d8kHmPjdsbcONbuBa%2BPiZ9%2BSrVF%2F9TZseNxsrb6NONBwD1rQfmWPARmaNuZuTV"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 5e9de4a84cac16f2-FRA cf-request-id 06168d3d2c000016f2d435b000000001
GET H2	404	OldConvergedLogin_PCore_kHhxXOwRKOBKL9wP7RdDrw2.js www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/Sign%20in%20to%20Outlook_files/	0 0	24ms 21ms	Script text/html	2606:4700:3033::681c:8ee CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/Sign%20in%20to%20Outlook_files/OldConvergedLogin_PCore_kHhxXOwRKOBKL9wP7RdDrw2.js Requested by Host: www.ganarcasinos.es URL: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:8ee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://www.ganarcasinos.es Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 29 Oct 2020 15:22:38 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} server cloudflare age 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bzowfFZDxcYlD6kODpYZgOyTEk15Mep6zLKBZeyPl5MD94YUQIuv90sQNgjjC7qBTK2YDCEXSkbtXX5Q72n4OaoEgDo7abgAvUHCcnIEZrfwc3XuQuOnLDu%2B0sRNQ2SV"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 5e9de4a84cb116f2-FRA cf-request-id 06168d3d2c000016f28a0a4000000001
GET H2	200	watsonsupport.min_3z194vh3l5oibjd0ejgm-q2.js Show response aadcdn.msftauth.net/ests/2.1/content/cdnbundles/	109 KB 38 KB	110ms 27ms	Script application/x-javascript	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/watsonsupport.min_3z194vh3l5oibjd0ejgm-q2.js Requested by Host: www.ganarcasinos.es URL: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ska/F796) / Resource Hash `1a74f847d2f4d5a110b3e530b8b5ecf3e2e83f54dabc51f969a9a5066d66770f` Request headers Origin https://www.ganarcasinos.es Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 29 Oct 2020 15:22:38 GMT content-encoding gzip content-md5 brVxodcwJD/zDpCOZlq9qA== age 20178697 x-cache HIT status 200 content-length 38881 x-ms-lease-status unlocked last-modified Fri, 26 Apr 2019 02:53:39 GMT server ECAcc (ska/F796) etag 0x8D6C9F26275A345 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id b8617674-501e-0005-4681-f6cb24000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	converged.v2.login.min_wixdbz3ubznoegxpcgkfog2.css aadcdn.msftauth.net/ests/2.1/content/cdnbundles/	0 20 KB	127ms 44ms	Other text/css	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_wixdbz3ubznoegxpcgkfog2.css Requested by Host: www.ganarcasinos.es URL: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ska/F734) / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 29 Oct 2020 15:22:38 GMT content-encoding gzip content-md5 /7H4IR1YAHBHDqgAZw2T1Q== age 6130239 x-cache HIT status 200 content-length 19750 x-ms-lease-status unlocked last-modified Tue, 18 Aug 2020 21:44:03 GMT server ECAcc (ska/F734) etag 0x8D843BFD37E3E8A vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id 42fd321f-f01e-009e-3a46-765806000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	ux.converged.login.strings-en.min_yruqtyo0qslo70l4a-_ung2.js aadcdn.msftauth.net/ests/2.1/content/cdnbundles/	0 11 KB	135ms 52ms	Other application/x-javascript	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_yruqtyo0qslo70l4a-_ung2.js Requested by Host: www.ganarcasinos.es URL: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ska/F74F) / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 29 Oct 2020 15:22:38 GMT content-encoding gzip content-md5 5Zw7HraGKmMzSIoAiA15xA== age 6730557 x-cache HIT status 200 content-length 11322 x-ms-lease-status unlocked last-modified Wed, 12 Aug 2020 03:06:16 GMT server ECAcc (ska/F74F) etag 0x8D83E6CAD740F66 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 359ca818-b01e-0053-28d0-706e6f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	404	prefetch.html Show response www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/Sign%20in%20to%20Outlook_files/ Frame 6235	281 B 626 B	467ms 466ms	Document text/html	2606:4700:3033::681c:8ee CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/Sign%20in%20to%20Outlook_files/prefetch.html Requested by Host: www.ganarcasinos.es URL: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:8ee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `60c5c833f0add113a7812ef76fa6a5e176810453bf0e8d5c6bfd4dd3eb9eb148` Request headers :method GET :authority www.ganarcasinos.es :scheme https :path /wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/Sign%20in%20to%20Outlook_files/prefetch.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html accept-encoding gzip, deflate, br accept-language en-US cookie __cfduid=d13b07bf980d38a66a9312211c465e2ec1603984958 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Response headers status 404 date Thu, 29 Oct 2020 15:22:39 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding cf-cache-status DYNAMIC cf-request-id 06168d3d2d000016f2a4078000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JHjoZwmxaYz5bIpPj7zOntY7rRCN5v4aDUZc56EzHcMaeJol5%2BhhMzJsmwOhtB91cBo7HOT8z5v%2Br3Wq6J8c5eJjjQse%2FLM5KpNNUK%2BiqyIpdrVa0lVNa8IR1OpBh7JE"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 5e9de4a84cb416f2-FRA content-encoding br
GET H2	200	49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/	987 B 1 KB	105ms 27ms	Image image/jpeg	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg Requested by Host: www.ganarcasinos.es URL: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ska/F737) / Resource Hash `8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d` Request headers Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 29 Oct 2020 15:22:38 GMT content-md5 5YqvyYBhSpzXeWvqe16o8A== age 13367858 x-cache HIT status 200 content-length 987 x-ms-lease-status unlocked last-modified Fri, 27 Mar 2020 19:42:36 GMT server ECAcc (ska/F737) etag 0x8D7D287001BC861 content-type image/jpeg access-control-allow-origin * x-ms-request-id ef901097-601e-001b-5172-34b5e2000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	49_7916a894ebde7d29c2cc29b267f1299f.jpg aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/	17 KB 17 KB	106ms 28ms	Image image/jpeg	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msftauth.net/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg Requested by Host: www.ganarcasinos.es URL: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ska/F690) / Resource Hash `d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3` Request headers Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 29 Oct 2020 15:22:38 GMT content-md5 eRaolOvefSnCzCmyZ/Epnw== age 13367858 x-cache HIT status 200 content-length 17453 x-ms-lease-status unlocked last-modified Fri, 27 Mar 2020 19:42:36 GMT server ECAcc (ska/F690) etag 0x8D7D2870015D3DE content-type image/jpeg access-control-allow-origin * x-ms-request-id d3284268-f01e-0070-3472-34e35e000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	404	OldConvergedLogin_PCore_kHhxXOwRKOBKL9wP7RdDrw2.js www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/Sign%20in%20to%20Outlook_files/	0 0	19ms 19ms	Script text/html	2606:4700:3033::681c:8ee CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/Sign%20in%20to%20Outlook_files/OldConvergedLogin_PCore_kHhxXOwRKOBKL9wP7RdDrw2.js Requested by Host: www.ganarcasinos.es URL: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:8ee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://www.ganarcasinos.es Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 29 Oct 2020 15:22:39 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} server cloudflare age 1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ckzyzNCNq8jokWH0UT5P9iGPvGZMMw9BpjsSuwU83RAf5aL2XSI4C98o7c8RNsxrQFCwvLy2GYDZNT%2B8Rm%2BrLAH4Bq%2FrBJHGE2i2it8btStTc4watIlkkM3yH%2BxpLHe2"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 5e9de4aafbc616f2-FRA cf-request-id 06168d3edd000016f2ac868000000001
GET H2	200	frameworksupport.min_zhg7it_lri4wqwee0pmhtg2.js Show response aadcdn.msftauth.net/ests/2.1/content/cdnbundles/	12 KB 5 KB	48ms 47ms	Script application/x-javascript	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/frameworksupport.min_zhg7it_lri4wqwee0pmhtg2.js Requested by Host: www.ganarcasinos.es URL: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ska/F741) / Resource Hash `97c9ce1db41c74ae578a94da7837631acb177319dcf31ae4224497a007421701` Request headers Origin https://www.ganarcasinos.es Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 29 Oct 2020 15:22:39 GMT content-encoding gzip content-md5 8W9sps2zd/R0DoZY03Uung== age 21386605 x-cache HIT status 200 content-length 4906 x-ms-lease-status unlocked last-modified Wed, 24 Jul 2019 17:18:48 GMT server ECAcc (ska/F741) etag 0x8D7105AFDB9FC01 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 7167f82c-401e-004a-2584-eb0865000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	watson.min_v4uqqpbimbulmncaz2jdxw2.js Show response aadcdn.msftauth.net/ests/2.1/content/cdnbundles/	9 KB 4 KB	27ms 27ms	Script application/x-javascript	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/watson.min_v4uqqpbimbulmncaz2jdxw2.js Requested by Host: www.ganarcasinos.es URL: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ska/F6D8) / Resource Hash `d6a0ec54e4153231f075e023abefa3f72440e9f0c9857bcb238d559bb4bbd62d` Request headers Origin https://www.ganarcasinos.es Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 29 Oct 2020 15:22:39 GMT content-encoding gzip content-md5 Gu6e2lhy/qbjt/JIwWSZQg== age 6292540 x-cache HIT status 200 content-length 3901 x-ms-lease-status unlocked last-modified Wed, 14 Aug 2019 17:02:10 GMT server ECAcc (ska/F6D8) etag 0x8D720D9253034A4 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 18384dcb-f01e-0076-30cc-74059f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	converged.v2.login.min_wixdbz3ubznoegxpcgkfog2.css aadcdn.msftauth.net/ests/2.1/content/cdnbundles/	0 19 KB	29ms 28ms	Other text/css	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_wixdbz3ubznoegxpcgkfog2.css Requested by Host: www.ganarcasinos.es URL: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ska/F734) / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 29 Oct 2020 15:22:39 GMT content-encoding gzip content-md5 /7H4IR1YAHBHDqgAZw2T1Q== age 6130240 x-cache HIT status 200 content-length 19750 x-ms-lease-status unlocked last-modified Tue, 18 Aug 2020 21:44:03 GMT server ECAcc (ska/F734) etag 0x8D843BFD37E3E8A vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id 42fd321f-f01e-009e-3a46-765806000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	ux.converged.login.strings-en.min_yruqtyo0qslo70l4a-_ung2.js aadcdn.msftauth.net/ests/2.1/content/cdnbundles/	0 11 KB	33ms 32ms	Other application/x-javascript	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_yruqtyo0qslo70l4a-_ung2.js Requested by Host: www.ganarcasinos.es URL: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ska/F74F) / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 29 Oct 2020 15:22:39 GMT content-encoding gzip content-md5 5Zw7HraGKmMzSIoAiA15xA== age 6730558 x-cache HIT status 200 content-length 11322 x-ms-lease-status unlocked last-modified Wed, 12 Aug 2020 03:06:16 GMT server ECAcc (ska/F74F) etag 0x8D83E6CAD740F66 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 359ca818-b01e-0053-28d0-706e6f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
POST H2	404	watson Show response www.ganarcasinos.es/common/handlers/	281 B 504 B	124ms 124ms	XHR text/html	2606:4700:3033::681c:8ee CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ganarcasinos.es/common/handlers/watson Requested by Host: aadcdn.msftauth.net URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/watsonsupport.min_3z194vh3l5oibjd0ejgm-q2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:8ee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `60c5c833f0add113a7812ef76fa6a5e176810453bf0e8d5c6bfd4dd3eb9eb148` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 client-request-id 32a00b97-c962-48ee-997a-4a341c06e672 canary AQABAAAAAAB2UyzwtQEKR7-rWbgdcBZIr8SZXrRWHZ-NUKR_jSSxKSXGogWd1Tl5sEGMJ3SyGg5jDG1D2bS4D2PoIQkHq1wd4xjJN-dIb0_18L7GILExoN6_i9QbyJASHPH_GISPyNwpJQi7GFqQlDZNuOi0fi4QywrHCXSqkGpJY84Zx1ZuIoWeIHF6v1gqGNrvlttrYz-JhJLUmE-ygrI_Lhc8WHrFxMPr-d1YFzqBS0IYLEI7JSAA Content-Type application/json; charset=UTF-8 hpgid 1104 Accept application/json Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html X-Requested-With XMLHttpRequest hpgact 1800 Response headers date Thu, 29 Oct 2020 15:22:39 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R%2Fs9dKWuifgJ9HR6g7GVvCK10B70XyUzX3WDt07ZJbvPpR1I%2FX299VtvUVWXzurjeCVLPUzuspiu0DBCcWIgq2YqOkQJlOIaTeYlm1xMCNb6ZwPP87rs6qgUaAq6ViLN"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 status 404 cf-ray 5e9de4abad7216f2-FRA cf-request-id 06168d3f4c000016f2e81c5000000001
POST H2	404	watson Show response www.ganarcasinos.es/common/handlers/	281 B 483 B	448ms 448ms	XHR text/html	2606:4700:3033::681c:8ee CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ganarcasinos.es/common/handlers/watson Requested by Host: aadcdn.msftauth.net URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/watsonsupport.min_3z194vh3l5oibjd0ejgm-q2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:8ee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `60c5c833f0add113a7812ef76fa6a5e176810453bf0e8d5c6bfd4dd3eb9eb148` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 client-request-id 32a00b97-c962-48ee-997a-4a341c06e672 canary AQABAAAAAAB2UyzwtQEKR7-rWbgdcBZIr8SZXrRWHZ-NUKR_jSSxKSXGogWd1Tl5sEGMJ3SyGg5jDG1D2bS4D2PoIQkHq1wd4xjJN-dIb0_18L7GILExoN6_i9QbyJASHPH_GISPyNwpJQi7GFqQlDZNuOi0fi4QywrHCXSqkGpJY84Zx1ZuIoWeIHF6v1gqGNrvlttrYz-JhJLUmE-ygrI_Lhc8WHrFxMPr-d1YFzqBS0IYLEI7JSAA Content-Type application/json; charset=UTF-8 hpgid 1104 Accept application/json Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html X-Requested-With XMLHttpRequest hpgact 1800 Response headers date Thu, 29 Oct 2020 15:22:39 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SgypQZWoRMbLDTeAjVhQBg7u3GjuLsKvycnbvmyNB4IylSWlMCXnaDEMXgZZY5I%2Bh0zbllDd9YJPwWRvDqR9sRQXn0gwIqWFqmIqKbN9dn7cJ4LIgUnfmBiPSPDpLQ5G"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 status 404 cf-ray 5e9de4abbd8a16f2-FRA cf-request-id 06168d3f52000016f27c211000000001
POST H2	404	watson Show response www.ganarcasinos.es/common/handlers/	281 B 485 B	120ms 120ms	XHR text/html	2606:4700:3033::681c:8ee CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ganarcasinos.es/common/handlers/watson Requested by Host: aadcdn.msftauth.net URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/watsonsupport.min_3z194vh3l5oibjd0ejgm-q2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:8ee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `60c5c833f0add113a7812ef76fa6a5e176810453bf0e8d5c6bfd4dd3eb9eb148` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 client-request-id 32a00b97-c962-48ee-997a-4a341c06e672 canary AQABAAAAAAB2UyzwtQEKR7-rWbgdcBZIr8SZXrRWHZ-NUKR_jSSxKSXGogWd1Tl5sEGMJ3SyGg5jDG1D2bS4D2PoIQkHq1wd4xjJN-dIb0_18L7GILExoN6_i9QbyJASHPH_GISPyNwpJQi7GFqQlDZNuOi0fi4QywrHCXSqkGpJY84Zx1ZuIoWeIHF6v1gqGNrvlttrYz-JhJLUmE-ygrI_Lhc8WHrFxMPr-d1YFzqBS0IYLEI7JSAA Content-Type application/json; charset=UTF-8 hpgid 1104 Accept application/json Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html X-Requested-With XMLHttpRequest hpgact 1800 Response headers date Thu, 29 Oct 2020 15:22:39 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AkGCyvHXr8tRZ%2BzFqXA5TVuajpiZ1jlLF7la7OF5quC08f5UUvrK%2FrwqXHcxLwBOA8ycq7vVk9Dbhg8JwKiBRGOZcNyFs9kL6odenBBDS7EW3MV9cVS%2FdoFdwnBMIhzm"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 status 404 cf-ray 5e9de4abbd9e16f2-FRA cf-request-id 06168d3f58000016f2d5315000000001
GET H2	200	converged.v2.login.min_wixdbz3ubznoegxpcgkfog2.css Show response aadcdn.msftauth.net/ests/2.1/content/cdnbundles/	106 KB 19 KB	27ms 27ms	Fetch text/css	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_wixdbz3ubznoegxpcgkfog2.css Requested by Host: www.ganarcasinos.es URL: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ska/F734) / Resource Hash `a96b2b12489a80eafe62cc4bcc04cb367e2b54efc3039e484211c7deec12c0b8` Request headers Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 29 Oct 2020 15:22:44 GMT content-encoding gzip content-md5 /7H4IR1YAHBHDqgAZw2T1Q== age 6130245 x-cache HIT status 200 content-length 19750 x-ms-lease-status unlocked last-modified Tue, 18 Aug 2020 21:44:03 GMT server ECAcc (ska/F734) etag 0x8D843BFD37E3E8A vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id 42fd321f-f01e-009e-3a46-765806000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	ux.converged.login.strings-en.min_yruqtyo0qslo70l4a-_ung2.js Show response aadcdn.msftauth.net/ests/2.1/content/cdnbundles/	37 KB 11 KB	31ms 31ms	Fetch application/x-javascript	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_yruqtyo0qslo70l4a-_ung2.js Requested by Host: www.ganarcasinos.es URL: https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ska/F74F) / Resource Hash `fff0b1c545c2119a2855b9028567640f4145c079eff9b48da0ddf66dc8d92f6c` Request headers Referer https://www.ganarcasinos.es/wp-includes/blocks/classic/xxx000000CHdjksU000ooooIl1MSN/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 29 Oct 2020 15:22:44 GMT content-encoding gzip content-md5 5Zw7HraGKmMzSIoAiA15xA== age 6730563 x-cache HIT status 200 content-length 11322 x-ms-lease-status unlocked last-modified Wed, 12 Aug 2020 03:06:16 GMT server ECAcc (ska/F74F) etag 0x8D83E6CAD740F66 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 359ca818-b01e-0053-28d0-706e6f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ganarcasinos.es/	1970-01-19 14:16:16	Name: __cfduid Value: d13b07bf980d38a66a9312211c465e2ec1603984958

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
bit.ly
login.live.com
www.ganarcasinos.es
152.199.23.37
2606:4700:3033::681c:8ee
40.90.137.127
67.199.248.11
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
1a74f847d2f4d5a110b3e530b8b5ecf3e2e83f54dabc51f969a9a5066d66770f
5578596ce95396295cb835cfb4c45a3aceef2c156a2f2aa5eff1686bae3b2d37
60c5c833f0add113a7812ef76fa6a5e176810453bf0e8d5c6bfd4dd3eb9eb148
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d
97c9ce1db41c74ae578a94da7837631acb177319dcf31ae4224497a007421701
a96b2b12489a80eafe62cc4bcc04cb367e2b54efc3039e484211c7deec12c0b8
d6a0ec54e4153231f075e023abefa3f72440e9f0c9857bcb238d559bb4bbd62d
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898
fff0b1c545c2119a2855b9028567640f4145c079eff9b48da0ddf66dc8d92f6c

www.ganarcasinos.es Open in urlscan Pro 2606:4700:3033::681c:8ee Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

3 IPs

1 Countries

235 kBTransfer

917 kBSize

1 Cookies

3 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

22 JavaScript Global Variables

1 Cookies

Indicators

www.ganarcasinos.es Open in urlscan Pro
2606:4700:3033::681c:8ee Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

235 kB
Transfer

917 kB
Size

1
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!