www.888casino.it Open in urlscan Pro
13.32.121.89 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://iplayer.website/
Effective URL:
https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643...
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On March 08 via api (March 8th 2024, 3:52:48 am UTC) from IT — Scanned from IT

Summary HTTP 142 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 30 IPs in 7 countries across 27 domains to perform 142 HTTP transactions. The main IP is 13.32.121.89, located in United States and belongs to AMAZON-02, US. The main domain is www.888casino.it.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 11th 2023. Valid for: a year.

This is the only time www.888casino.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	95.47.161.64 95.47.161.64	12722 (RECONN) (RECONN)
1	192.0.78.26 192.0.78.26	2635 (AUTOMATTIC) (AUTOMATTIC)
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	31.220.27.98 31.220.27.98	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::5647:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
11	2606:4700:303... 2606:4700:3034::6815:42b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a02:b4a:1:7:... 2a02:b4a:1:7::9165:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 2	139.45.196.64 139.45.196.64	9002 (RETN-AS) (RETN-AS)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.195.253 139.45.195.253	9002 (RETN-AS) (RETN-AS)
4	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
16	172.64.196.12 172.64.196.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
1 1	34.102.137.201 34.102.137.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	217.147.127.42 217.147.127.42	201071 (VISL-IE) (VISL-IE)
1 5	13.32.121.89 13.32.121.89	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::201b	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:a658	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2600:9000:223... 2600:9000:223e:d400:1d:fa70:cfc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:5b0::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:235... 2600:9000:2359:5400:3:1e5:8ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	18.244.18.112 18.244.18.112	16509 (AMAZON-02) (AMAZON-02)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:3000:1b:ed91:4680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	216.239.38.21 216.239.38.21	15169 (GOOGLE) (GOOGLE)
2	51.104.148.203 51.104.148.203	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	4.208.65.156 4.208.65.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.111.140.246 34.111.140.246	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
142	30

1 95.47.161.64 (Donetsk, Ukraine) 1 redirects

ASN12722 (RECONN, RU)

iplayer.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.26 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

href.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

idygez.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 31.220.27.98 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ryymie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
qno.ryymie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eb7.ryymie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l8u.ryymie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
h18.ryymie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xh5.ryymie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sdb.ryymie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6zm.ryymie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ujg.ryymie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
roh.ryymie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ceigix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::5647:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

mdakky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3034::6815:42b7 (United States)

ASN13335 (CLOUDFLARENET, US)

himgta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:b4a:1:7::9165:1 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

wokoez.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.196.64 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

mataoransolda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdntechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.64.196.12 (United States)

ASN13335 (CLOUDFLARENET, US)

worldfreshjournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

jouteetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.137.201 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.137.102.34.bc.googleusercontent.com

34.102.137.201	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.147.127.42 (Gibraltar) 1 redirects

ASN201071 (VISL-IE, GI)
PTR: www.aff-handler.com

ic.aff-handler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.121.89 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-89.fra60.r.cloudfront.net

www.888casino.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a658 (United States)

ASN13335 (CLOUDFLARENET, US)

optimizely-edge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:223e:d400:1d:fa70:cfc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.images4us.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:5b0::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2359:5400:3:1e5:8ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

stage-casino-staticcontent.safe-iplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.18.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-112.fra56.r.cloudfront.net

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:3000:1b:ed91:4680:93a1 (United States)

ASN16509 (AMAZON-02, US)

csxd.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.38.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2615.1e100.net

analytics.888casino.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.104.148.203 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.az.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 4.208.65.156 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

srm.aa.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.140.246 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 246.140.111.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	ryymie.com ryymie.com qno.ryymie.com eb7.ryymie.com l8u.ryymie.com h18.ryymie.com xh5.ryymie.com sdb.ryymie.com 6zm.ryymie.com ujg.ryymie.com roh.ryymie.com	996 KB
16	worldfreshjournal.com worldfreshjournal.com	69 KB
11	jouteetu.net jouteetu.net — Cisco Umbrella Rank: 30771 Failed
11	himgta.com himgta.com — Cisco Umbrella Rank: 70033	51 KB
8	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 334	129 KB
8	images4us.com images.images4us.com — Cisco Umbrella Rank: 223003	426 KB
6	888casino.it 1 redirects www.888casino.it analytics.888casino.it	36 KB
5	contentsquare.net t.contentsquare.net — Cisco Umbrella Rank: 3542 csxd.contentsquare.net — Cisco Umbrella Rank: 11492 c.az.contentsquare.net — Cisco Umbrella Rank: 6640 srm.aa.contentsquare.net — Cisco Umbrella Rank: 32491	81 KB
4	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 303	114 KB
4	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11818	2 KB
3	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 1215 rs.fullstory.com — Cisco Umbrella Rank: 1199	71 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	21 KB
3	wokoez.com 1 redirects wokoez.com — Cisco Umbrella Rank: 496931	628 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	211 KB
2	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 898 logx.optimizely.com — Cisco Umbrella Rank: 1580	83 KB
2	mataoransolda.com 1 redirects mataoransolda.com	3 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 541	317 B
1	safe-iplay.com stage-casino-staticcontent.safe-iplay.com — Cisco Umbrella Rank: 326775	17 KB
1	optimizely-edge.com optimizely-edge.com — Cisco Umbrella Rank: 119631	9 KB
1	aff-handler.com 1 redirects ic.aff-handler.com — Cisco Umbrella Rank: 295215	596 B
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 37995	467 B
1	cdntechone.com cdntechone.com — Cisco Umbrella Rank: 168515	9 KB
1	ceigix.com ceigix.com — Cisco Umbrella Rank: 463372	12 KB
1	mdakky.com mdakky.com — Cisco Umbrella Rank: 38019	101 B
1	idygez.com 1 redirects idygez.com — Cisco Umbrella Rank: 397160	534 B
1	href.li href.li — Cisco Umbrella Rank: 103256	470 B
1	iplayer.website 1 redirects iplayer.website	302 B
142	27

	Domain	Requested by
16	worldfreshjournal.com	mataoransolda.com worldfreshjournal.com
11	jouteetu.net	worldfreshjournal.com
11	himgta.com	ryymie.com himgta.com qno.ryymie.com eb7.ryymie.com l8u.ryymie.com h18.ryymie.com xh5.ryymie.com sdb.ryymie.com 6zm.ryymie.com ujg.ryymie.com roh.ryymie.com
8	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org href.li
8	images.images4us.com	www.888casino.it
5	www.888casino.it	1 redirects worldfreshjournal.com www.888casino.it
4	storage.googleapis.com	www.888casino.it
4	my.rtmark.net	mataoransolda.com worldfreshjournal.com
4	roh.ryymie.com	ujg.ryymie.com roh.ryymie.com
4	ujg.ryymie.com	6zm.ryymie.com ujg.ryymie.com
4	6zm.ryymie.com	sdb.ryymie.com 6zm.ryymie.com
4	sdb.ryymie.com	xh5.ryymie.com sdb.ryymie.com
4	xh5.ryymie.com	h18.ryymie.com xh5.ryymie.com
4	h18.ryymie.com	l8u.ryymie.com h18.ryymie.com
4	l8u.ryymie.com	eb7.ryymie.com l8u.ryymie.com
4	eb7.ryymie.com	qno.ryymie.com eb7.ryymie.com
4	qno.ryymie.com	ryymie.com qno.ryymie.com
4	ryymie.com	href.li ryymie.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	wokoez.com	1 redirects roh.ryymie.com ceigix.com
2	c.az.contentsquare.net
2	edge.fullstory.com	href.li edge.fullstory.com
2	www.googletagmanager.com	www.888casino.it www.googletagmanager.com
2	mataoransolda.com	1 redirects cdntechone.com
1	logx.optimizely.com	cdn.optimizely.com
1	srm.aa.contentsquare.net	href.li
1	analytics.888casino.it	www.googletagmanager.com
1	csxd.contentsquare.net	t.contentsquare.net
1	rs.fullstory.com	edge.fullstory.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	t.contentsquare.net	www.googletagmanager.com
1	stage-casino-staticcontent.safe-iplay.com	storage.googleapis.com
1	cdn.optimizely.com	optimizely-edge.com
1	optimizely-edge.com	www.888casino.it
1	ic.aff-handler.com	1 redirects
1	datatechone.com	cdntechone.com
1	cdntechone.com	ceigix.com
1	ceigix.com	roh.ryymie.com
1	mdakky.com	ryymie.com
1	idygez.com	1 redirects
1	href.li
1	iplayer.website	1 redirects
142	42

This site contains links to these domains. Also see Links.

Domain
www.888.it
www.adm.gov.it
www.gamblingtherapy.org
www.onetrust.com

Subject Issuer	Validity	Valid
tls.automattic.com R3	`2024-03-05` - `2024-06-03`	3 months	crt.sh
ryymie.com R3	`2024-01-21` - `2024-04-20`	3 months	crt.sh
mdakky.com R3	`2024-02-08` - `2024-05-08`	3 months	crt.sh
himgta.com GTS CA 1P5	`2024-02-01` - `2024-05-01`	3 months	crt.sh
wokoez.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
ceigix.com R3	`2023-12-26` - `2024-03-25`	3 months	crt.sh
cdntechone.com GTS CA 1P5	`2024-02-23` - `2024-05-23`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-12-23`	a year	crt.sh
mataoransolda.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
rtmark.net R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
worldfreshjournal.com GTS CA 1P5	`2024-01-16` - `2024-04-15`	3 months	crt.sh
jouteetu.net R3	`2024-02-24` - `2024-05-24`	3 months	crt.sh
*.888casino.com Amazon RSA 2048 M03	`2023-12-11` - `2025-01-08`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-19` - `2024-06-18`	a year	crt.sh
*.images4us.com Amazon RSA 2048 M02	`2023-05-30` - `2024-06-28`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.safe-iplay.com Amazon RSA 2048 M02	`2023-11-26` - `2024-12-24`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
t.contentsquare.net Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-03-07` - `2024-06-05`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-03-05` - `2024-06-03`	3 months	crt.sh
csxd-02.contentsquare.net Amazon RSA 2048 M02	`2023-08-02` - `2024-08-30`	a year	crt.sh
analytics.888casino.it GTS CA 1D4	`2024-01-17` - `2024-04-16`	3 months	crt.sh
dep.aa.contentsquare.net R3	`2024-02-29` - `2024-05-29`	3 months	crt.sh
srm.aa.contentsquare.net R3	`2024-01-21` - `2024-04-20`	3 months	crt.sh
logx.optimizely.com GTS CA 1D4	`2024-02-08` - `2024-05-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Frame ID: DE63C08EBD2AEA0178BB3C428679194F
Requests: 143 HTTP requests in this frame

Frame: https://csxd.contentsquare.net/uxa/xdframe-single-domain-1.2.0.html?pid=70848
Frame ID: B8E8F62A0333CB036AA431611915502E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gioca su 888casinoBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://iplayer.website/ HTTP 302
https://href.li/?https://idygez.com/gosl/InNpZCI6MTI3NjA3OCwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQ... Page URL
https://idygez.com/gosl/InNpZCI6MTI3NjA3OCwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2= HTTP 302
https://ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6M... Page URL
https://qno.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6M... Page URL
https://eb7.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6M... Page URL
https://l8u.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6M... Page URL
https://h18.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6M... Page URL
https://xh5.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6M... Page URL
https://sdb.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6M... Page URL
https://6zm.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6M... Page URL
https://ujg.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6M... Page URL
https://roh.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6M... Page URL
https://wokoez.com/cuclc?aid=4632345480119864433&t=1709869962&s=1169027 HTTP 302
https://ceigix.com/fp.html?rid=4632345480119864433_2&sd=aHR0cHM6Ly93b2tvZXouY29t&ru=aHR0cHM6Ly9... Page URL
https://mataoransolda.com/link?z=6849336&var=a489832&ymid=a2_4632345480119864433_489832_2_0 HTTP 302
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6849336&axcusid1=a4... Page URL
http://mataoransolda.com/link?z=6849336&var=a489832&ymid=a2_4632345480119864433_489832_2_0&acb=proxy-... HTTP 307
https://mataoransolda.com/link?z=6849336&var=a489832&ymid=a2_4632345480119864433_489832_2_0&acb=proxy-... Page URL
https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z... Page URL
https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z... Page URL
http://34.102.137.201/2/PU_IT_PA_CS_DT_888?source=4662728&geo=IT&device_type=desktop&browser_type=... HTTP 302
https://ic.aff-handler.com/c/48365?sr=1842791 HTTP 302
https://www.888casino.it/offerta-speciale/red-door.htm?sr=1842791&mm_id=48365&utm_source=aff&utm_medi... HTTP 301
https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&u... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

142
Requests

94 %
HTTPS

45 %
IPv6

27
Domains

42
Subdomains

30
IPs

7
Countries

2339 kB
Transfer

4620 kB
Size

29
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.888.it/gioco-responsabile.htm
Title: Gioco Responsabile

Search URL Search Domain Scan URL

URL: https://www.888.it/sicurezza-e-privacy/informativa-sulla-privacy.htm
Title: Informativa sulla Privacy

Search URL Search Domain Scan URL

URL: https://www.888.it/sicurezza-e-privacy/accordo-con-utente-real.htm
Title: Accordo Utente

Search URL Search Domain Scan URL

URL: https://www.888.it/contattaci.htm
Title: Contattaci

Search URL Search Domain Scan URL

URL: https://www.adm.gov.it/portale/
Title: Agenziadogane Monopoli

Search URL Search Domain Scan URL

URL: https://www.gamblingtherapy.org/it/
Title: Gt

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://iplayer.website/ HTTP 302
https://href.li/?https://idygez.com/gosl/InNpZCI6MTI3NjA3OCwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2= Page URL
https://idygez.com/gosl/InNpZCI6MTI3NjA3OCwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2= HTTP 302
https://ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&si1=&si2= Page URL
https://qno.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=1 Page URL
https://eb7.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=2 Page URL
https://l8u.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=3 Page URL
https://h18.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=4 Page URL
https://xh5.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=5 Page URL
https://sdb.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=6 Page URL
https://6zm.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=7 Page URL
https://ujg.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=8 Page URL
https://roh.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=9 Page URL
https://wokoez.com/cuclc?aid=4632345480119864433&t=1709869962&s=1169027 HTTP 302
https://ceigix.com/fp.html?rid=4632345480119864433_2&sd=aHR0cHM6Ly93b2tvZXouY29t&ru=aHR0cHM6Ly9tYXRhb3JhbnNvbGRhLmNvbS9saW5rP3o9Njg0OTMzNiZ2YXI9YTQ4OTgzMiZ5bWlkPWEyXzQ2MzIzNDU0ODAxMTk4NjQ0MzNfNDg5ODMyXzJfMA== Page URL
https://mataoransolda.com/link?z=6849336&var=a489832&ymid=a2_4632345480119864433_489832_2_0 HTTP 302
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6849336&axcusid1=a489832&clid={ymid}&r=http%3A%2F%2Fmataoransolda.com%2Flink%3Fz%3D6849336%26var%3Da489832%26ymid%3Da2_4632345480119864433_489832_2_0%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505 Page URL
http://mataoransolda.com/link?z=6849336&var=a489832&ymid=a2_4632345480119864433_489832_2_0&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505 HTTP 307
https://mataoransolda.com/link?z=6849336&var=a489832&ymid=a2_4632345480119864433_489832_2_0&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505 Page URL
https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Page URL
https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2 Page URL
http://34.102.137.201/2/PU_IT_PA_CS_DT_888?source=4662728&geo=IT&device_type=desktop&browser_type=chrome&os=windows&region=ce&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.6261.111%20Safari/537.36&language=it&connection_type=broadband&internet_provider=fastweb%20spa&carrier=?&oaid=d52d5df177f4bbca4be5525870b74140 HTTP 302
https://ic.aff-handler.com/c/48365?sr=1842791 HTTP 302
https://www.888casino.it/offerta-speciale/red-door.htm?sr=1842791&mm_id=48365&utm_source=aff&utm_medium=casap&utm_content=100138643&utm_campaign=100138643_1842791_nodescription HTTP 301
https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://iplayer.website/ HTTP 302
https://href.li/?https://idygez.com/gosl/InNpZCI6MTI3NjA3OCwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2=

Request Chain 1

https://idygez.com/gosl/InNpZCI6MTI3NjA3OCwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2= HTTP 302
https://ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&si1=&si2=

Request Chain 54

https://wokoez.com/cuclc?aid=4632345480119864433&t=1709869962&s=1169027 HTTP 302
https://ceigix.com/fp.html?rid=4632345480119864433_2&sd=aHR0cHM6Ly93b2tvZXouY29t&ru=aHR0cHM6Ly9tYXRhb3JhbnNvbGRhLmNvbS9saW5rP3o9Njg0OTMzNiZ2YXI9YTQ4OTgzMiZ5bWlkPWEyXzQ2MzIzNDU0ODAxMTk4NjQ0MzNfNDg5ODMyXzJfMA==

Request Chain 56

https://mataoransolda.com/link?z=6849336&var=a489832&ymid=a2_4632345480119864433_489832_2_0 HTTP 302
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6849336&axcusid1=a489832&clid={ymid}&r=http%3A%2F%2Fmataoransolda.com%2Flink%3Fz%3D6849336%26var%3Da489832%26ymid%3Da2_4632345480119864433_489832_2_0%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505

Request Chain 58

http://mataoransolda.com/link?z=6849336&var=a489832&ymid=a2_4632345480119864433_489832_2_0&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505 HTTP 307
https://mataoransolda.com/link?z=6849336&var=a489832&ymid=a2_4632345480119864433_489832_2_0&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505

142 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
href.li/
Redirect Chain

http://iplayer.website/
https://href.li/?https://idygez.com/gosl/InNpZCI6MTI3NjA3OCwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2=

746 B
470 B

156ms
116ms

Document
text/html

192.0.78.26
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://href.li/?https://idygez.com/gosl/InNpZCI6MTI3NjA3OCwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.26 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 08 Mar 2024 03:52:40 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-ac: 3.mxp _dca MISS

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Fri, 08 Mar 2024 03:52:40 GMT
Location: https://href.li/?https://idygez.com/gosl/InNpZCI6MTI3NjA3OCwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2=
Server: nginx/1.20.2
X-Powered-By: PHP/5.4.16

GET
H2

200

bot-captcha Show response
ryymie.com/
Redirect Chain

https://idygez.com/gosl/InNpZCI6MTI3NjA3OCwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2=
https://ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&si1=&si2=

25 KB
13 KB

128ms
43ms

Document
text/html

31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&si1=&si2=
Requested by: Host: href.li
URL: https://href.li/?https://idygez.com/gosl/InNpZCI6MTI3NjA3OCwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 7ac32cac8cbe79a28748898ad0e5aee51f2f4e0d82e94ebe2ca369938d0212d6

Request headers

Referer: https://href.li/?https://idygez.com/gosl/InNpZCI6MTI3NjA3OCwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Mar 2024 03:52:40 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu3

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 860fdfb3ef150e59-MXP
content-type: text/html; charset=UTF-8
date: Fri, 08 Mar 2024 03:52:40 GMT
location: https://ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&si1=&si2=
max-age: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjMt8vAwzg54Vh4fg92rLVOkMpyC0xHYBOc8S%2BMWc%2B%2BomJehgFdZYo7uwgpwq62FVqvnNJ6XpDZ3l4z28ngX3JcVVFH4%2FiS%2BCo2Hw0boyyYO6Evj0WRTpUwntVTNfYdhqi2M%2FCn1VVyr"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-zone: eu

GET
H2 200 img2.png
ryymie.com/images/bot-captcha/ 7 KB
7 KB 40ms
40ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ryymie.com/images/bot-captcha/img2.png
Requested by: Host: ryymie.com
URL: https://ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 425c631201d7d64c4f5a934c39e7857279d9cf148900cb1f79c39ed29eb8d04c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&si1=&si2=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:40 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-1a99"
content-type: image/png
accept-ranges: bytes
x-zone: eu4
content-length: 6809

GET
H2 200 img3.png
ryymie.com/images/bot-captcha/ 12 KB
12 KB 48ms
48ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ryymie.com/images/bot-captcha/img3.png
Requested by: Host: ryymie.com
URL: https://ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 4a18771cdff256e1f2575bae3a68f5b3ddac3660c37cdbfcecf1254c5927f43c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&si1=&si2=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:40 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-3038"
content-type: image/png
accept-ranges: bytes
x-zone: eu
content-length: 12344

GET
H2 200 img1.png
ryymie.com/images/bot-captcha/ 68 KB
68 KB 68ms
68ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ryymie.com/images/bot-captcha/img1.png
Requested by: Host: ryymie.com
URL: https://ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 9dc15e2892ca9f3acda5aa7987586f4511deb6279067615285c049e6986ae0a8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&si1=&si2=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:40 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-10f6e"
content-type: image/png
accept-ranges: bytes
x-zone: eu3
content-length: 69486

GET
H2 200 rpe Show response
mdakky.com/ 0
101 B 115ms
37ms XHR
text/plain 2a02:b4a:1:7::5647:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdakky.com/rpe?a=1&s=1&act=17&src=2&p=1062462&st=1276078&wd=489832&d=ryymie.com&tpl=7&rnd=0.8205828337443339&sbid=&sbid2=
Requested by: Host: ryymie.com
URL: https://ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::5647:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ryymie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Mar 2024 03:52:40 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2 200 sdk.js Show response
himgta.com/v1/ 13 KB
5 KB 98ms
53ms Script
application/javascript 2606:4700:3034::6815:42b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://himgta.com/v1/sdk.js?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6MiwicG0iOjJ9eyJ&d=ryymie.com&tpl=7&pbd=iOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNpMSI6IiIsInNpMiI6IiJ9eyJwaWQ
Requested by: Host: ryymie.com
URL: https://ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6f1d853408b6f2048851e30279a946a17a9799e1ac1ad7113035ed52d54a817

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ryymie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3S2pXxtb5ES6836/9GKdmpYozpM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7fZRfU3hStAOpwBkG0ZeGItuYNdaugl5U2P3Am9B27w8wOcKHRF2nHf9TTk%2BbTwh8%2Byh53uuuwQMdPXlTPaOgjX8r9dcVhHqnwPvkKq87IqqZNNkqvBDO%2F1%2F5z64nFoT%2BDw8uBvNT4V"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://ryymie.com
cache-control: public, max-age=14400
x-zone: eu
cf-ray: 860fdfb59f66bb26-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 fp.js Show response
himgta.com/ 1 KB
882 B 54ms
54ms Script
application/javascript 2606:4700:3034::6815:42b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://himgta.com/fp.js?d=ryymie.com
Requested by: Host: himgta.com
URL: https://himgta.com/v1/sdk.js?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6MiwicG0iOjJ9eyJ&d=ryymie.com&tpl=7&pbd=iOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNpMSI6IiIsInNpMiI6IiJ9eyJwaWQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da6c5ae398b9177de5f2363c507f1a93c9706c032f1d63a676db4e54ba445548

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ryymie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:40 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 08 Mar 2024 03:52:38 GMT
max-age: 0
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TuKh%2Fs2zgvpIYQPxZEe8Ka9RoMaCR5qKhTbjm%2FJDuaeKweuBw%2FQUk5uIOdFXfOAGCHx14I5ZfsQ4cNEQFu%2FnHa4Qt8ciLwuVC4ZIoqNmK4FzJOA0E%2FhsIzJQP6sdQ0%2BA%2BBaG0oNILp%2Bj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://ryymie.com
cache-control: max-age=14400
x-zone: eu
cf-ray: 860fdfb5ef8ebb26-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 bot-captcha Show response
qno.ryymie.com/ 25 KB
12 KB 63ms
47ms Document
text/html 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qno.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=1
Requested by: Host: ryymie.com
URL: https://ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: ed31555e2535e8c7c4d50a926caa89aa7ccf90c70939eb449d7416b77260feb2

Request headers

Referer: https://ryymie.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Mar 2024 03:52:40 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu3

GET
H2 200 img2.png
qno.ryymie.com/images/bot-captcha/ 7 KB
7 KB 39ms
39ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qno.ryymie.com/images/bot-captcha/img2.png
Requested by: Host: qno.ryymie.com
URL: https://qno.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 425c631201d7d64c4f5a934c39e7857279d9cf148900cb1f79c39ed29eb8d04c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://qno.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:40 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-1a99"
content-type: image/png
accept-ranges: bytes
x-zone: eu4
content-length: 6809

GET
H2 200 img3.png
qno.ryymie.com/images/bot-captcha/ 12 KB
12 KB 41ms
41ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qno.ryymie.com/images/bot-captcha/img3.png
Requested by: Host: qno.ryymie.com
URL: https://qno.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 4a18771cdff256e1f2575bae3a68f5b3ddac3660c37cdbfcecf1254c5927f43c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://qno.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:40 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-3038"
content-type: image/png
accept-ranges: bytes
x-zone: eu
content-length: 12344

GET
H2 200 img1.png
qno.ryymie.com/images/bot-captcha/ 68 KB
68 KB 42ms
41ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qno.ryymie.com/images/bot-captcha/img1.png
Requested by: Host: qno.ryymie.com
URL: https://qno.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 9dc15e2892ca9f3acda5aa7987586f4511deb6279067615285c049e6986ae0a8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://qno.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:40 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-10f6e"
content-type: image/png
accept-ranges: bytes
x-zone: eu3
content-length: 69486

GET
H3 200 sdk.js Show response
himgta.com/v1/ 13 KB
5 KB 72ms
71ms Script
application/javascript 2606:4700:3034::6815:42b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://himgta.com/v1/sdk.js?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6MiwicG0iOjJ9eyJ&d=ryymie.com&tpl=7&pbd=iOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsImkiOiIxIn0=eyJwaWQ
Requested by: Host: qno.ryymie.com
URL: https://qno.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b032651a0a4199cbba44d9213ec84926d868774d240e87b50070b471cb93fdd

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://qno.ryymie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"fOhjPzlj/xjYSji7dqrcolxfZQA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9bU3WrcHwieYKLDsW%2F2JxnHhim4Ai9rpHSHs0QgS6G1b1%2FCYtCqhAy%2FVnOW0bRhxcht1hgxjcrgoa85th3zVn%2BG57QAjTw3H1dgLK4NqGwFAab4JRTdqeuPkiyapPqpuIqxoFQJOgIi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://ryymie.com
cache-control: public, max-age=14400
x-zone: eu
cf-ray: 860fdfb70ab30d61-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 bot-captcha Show response
eb7.ryymie.com/ 25 KB
12 KB 57ms
43ms Document
text/html 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eb7.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=2
Requested by: Host: qno.ryymie.com
URL: https://qno.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 309ec8e35c84525cf1ee3daac74a22dcec61aa596c73057eb5fde00097ab882e

Request headers

Referer: https://qno.ryymie.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Mar 2024 03:52:40 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu

GET
H2 200 img2.png
eb7.ryymie.com/images/bot-captcha/ 7 KB
7 KB 39ms
39ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb7.ryymie.com/images/bot-captcha/img2.png
Requested by: Host: eb7.ryymie.com
URL: https://eb7.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 425c631201d7d64c4f5a934c39e7857279d9cf148900cb1f79c39ed29eb8d04c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://eb7.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:41 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-1a99"
content-type: image/png
accept-ranges: bytes
x-zone: eu4
content-length: 6809

GET
H2 200 img3.png
eb7.ryymie.com/images/bot-captcha/ 12 KB
12 KB 47ms
47ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb7.ryymie.com/images/bot-captcha/img3.png
Requested by: Host: eb7.ryymie.com
URL: https://eb7.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 4a18771cdff256e1f2575bae3a68f5b3ddac3660c37cdbfcecf1254c5927f43c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://eb7.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:41 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-3038"
content-type: image/png
accept-ranges: bytes
x-zone: eu
content-length: 12344

GET
H2 200 img1.png
eb7.ryymie.com/images/bot-captcha/ 68 KB
68 KB 47ms
47ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb7.ryymie.com/images/bot-captcha/img1.png
Requested by: Host: eb7.ryymie.com
URL: https://eb7.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 9dc15e2892ca9f3acda5aa7987586f4511deb6279067615285c049e6986ae0a8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://eb7.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:41 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-10f6e"
content-type: image/png
accept-ranges: bytes
x-zone: eu3
content-length: 69486

GET
H3 200 sdk.js Show response
himgta.com/v1/ 13 KB
5 KB 131ms
131ms Script
application/javascript 2606:4700:3034::6815:42b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://himgta.com/v1/sdk.js?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6MiwicG0iOjJ9eyJ&d=ryymie.com&tpl=7&pbd=iOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsImkiOiIyIn0=eyJwaWQ
Requested by: Host: eb7.ryymie.com
URL: https://eb7.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7c122afdfb398ce3494c80d3b03aa8c7d100e5f529aa0c483bbd3dfc01817d1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://eb7.ryymie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"h3S5e8XAylxUe6N78oJSjaavyQY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bd%2Bt5kjGNeKYJdQN%2Bk9nSlJpi3C%2BbmI0ecffCjf9nVT%2BXO5duaW52NS3yqtqB7gEZHPhHUA94uAaQEs4v9SeLGdm4%2B19doIdF%2BCsmefhwb5%2FVPi45D3U9SPz1YtQ%2BbLQD6wlaBJx6jK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://ryymie.com
cache-control: public, max-age=14400
x-zone: eu
cf-ray: 860fdfb83b450d61-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 bot-captcha Show response
l8u.ryymie.com/ 25 KB
12 KB 53ms
42ms Document
text/html 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://l8u.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=3
Requested by: Host: eb7.ryymie.com
URL: https://eb7.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: e0d227f2350ae6b49b5cc9dc6d81b0ad10528e074873710e20b67c151acaa8c8

Request headers

Referer: https://eb7.ryymie.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Mar 2024 03:52:41 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu

GET
H2 200 img2.png
l8u.ryymie.com/images/bot-captcha/ 7 KB
7 KB 38ms
38ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l8u.ryymie.com/images/bot-captcha/img2.png
Requested by: Host: l8u.ryymie.com
URL: https://l8u.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 425c631201d7d64c4f5a934c39e7857279d9cf148900cb1f79c39ed29eb8d04c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://l8u.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:41 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-1a99"
content-type: image/png
accept-ranges: bytes
x-zone: eu4
content-length: 6809

GET
H2 200 img3.png
l8u.ryymie.com/images/bot-captcha/ 12 KB
12 KB 42ms
42ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l8u.ryymie.com/images/bot-captcha/img3.png
Requested by: Host: l8u.ryymie.com
URL: https://l8u.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 4a18771cdff256e1f2575bae3a68f5b3ddac3660c37cdbfcecf1254c5927f43c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://l8u.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:41 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-3038"
content-type: image/png
accept-ranges: bytes
x-zone: eu
content-length: 12344

GET
H2 200 img1.png
l8u.ryymie.com/images/bot-captcha/ 68 KB
68 KB 44ms
44ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l8u.ryymie.com/images/bot-captcha/img1.png
Requested by: Host: l8u.ryymie.com
URL: https://l8u.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 9dc15e2892ca9f3acda5aa7987586f4511deb6279067615285c049e6986ae0a8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://l8u.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:41 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-10f6e"
content-type: image/png
accept-ranges: bytes
x-zone: eu3
content-length: 69486

GET
H3 200 sdk.js Show response
himgta.com/v1/ 13 KB
5 KB 130ms
130ms Script
application/javascript 2606:4700:3034::6815:42b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://himgta.com/v1/sdk.js?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6MiwicG0iOjJ9eyJ&d=ryymie.com&tpl=7&pbd=iOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsImkiOiIzIn0=eyJwaWQ
Requested by: Host: l8u.ryymie.com
URL: https://l8u.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee0f88e6b4de01f11bc95ee59e6d31ef0fcb43f3e55f3a77b537bc27f5f9399c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://l8u.ryymie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"xDFz7OU1q/orUrF0FeEEkwUmG1M"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KoJnYB%2BXmvT7o3hS5OLzUgI9cB4TOhw%2FwGhZO5XmpZlr7TEzlUH0KwIDLz524P2SXpA1OqMPYexGc%2BC6ebUrGlZ23RGXVAFPwUjxx0HXVFybQUmFiY1wc55hw5GjH451jwiwqwEtUlcd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://ryymie.com
cache-control: public, max-age=14400
x-zone: eu
cf-ray: 860fdfb9dbec0d61-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 bot-captcha Show response
h18.ryymie.com/ 25 KB
12 KB 56ms
43ms Document
text/html 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h18.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=4
Requested by: Host: l8u.ryymie.com
URL: https://l8u.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 4845324802598b0a06d6ce48cbf395b85f43f9b4701afc7d32cd1fdeddd196dd

Request headers

Referer: https://l8u.ryymie.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Mar 2024 03:52:41 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu

GET
H2 200 img2.png
h18.ryymie.com/images/bot-captcha/ 7 KB
7 KB 39ms
39ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h18.ryymie.com/images/bot-captcha/img2.png
Requested by: Host: h18.ryymie.com
URL: https://h18.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 425c631201d7d64c4f5a934c39e7857279d9cf148900cb1f79c39ed29eb8d04c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://h18.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:41 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-1a99"
content-type: image/png
accept-ranges: bytes
x-zone: eu4
content-length: 6809

GET
H2 200 img3.png
h18.ryymie.com/images/bot-captcha/ 12 KB
12 KB 44ms
44ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h18.ryymie.com/images/bot-captcha/img3.png
Requested by: Host: h18.ryymie.com
URL: https://h18.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 4a18771cdff256e1f2575bae3a68f5b3ddac3660c37cdbfcecf1254c5927f43c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://h18.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:41 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-3038"
content-type: image/png
accept-ranges: bytes
x-zone: eu
content-length: 12344

GET
H2 200 img1.png
h18.ryymie.com/images/bot-captcha/ 68 KB
68 KB 50ms
49ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h18.ryymie.com/images/bot-captcha/img1.png
Requested by: Host: h18.ryymie.com
URL: https://h18.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 9dc15e2892ca9f3acda5aa7987586f4511deb6279067615285c049e6986ae0a8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://h18.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:41 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-10f6e"
content-type: image/png
accept-ranges: bytes
x-zone: eu3
content-length: 69486

GET
H3 200 sdk.js Show response
himgta.com/v1/ 13 KB
5 KB 59ms
59ms Script
application/javascript 2606:4700:3034::6815:42b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://himgta.com/v1/sdk.js?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6MiwicG0iOjJ9eyJ&d=ryymie.com&tpl=7&pbd=iOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsImkiOiI0In0=eyJwaWQ
Requested by: Host: h18.ryymie.com
URL: https://h18.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba6167c770fda9c25d16e8f09faeb8e4b1e59234bd5d543ae004e66d95753229

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://h18.ryymie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"SniZXedqWz1r4uXAjfxuXok3H38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUIVMHcEhoBKcfhCzwcxMnb8ZZkhz3hypa3E4qRR2XoUGDKi5QUE0MLsGZg5fWwg%2BGuK0dEN8i%2Baj5XkxS0Zs6upkZ9fTgYPVMER6lBW%2BNkQyuc6O6MDmYuvZEu0KM6O2rZLJWhILKmn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://ryymie.com
cache-control: public, max-age=14400
x-zone: eu
cf-ray: 860fdfbb6ca40d61-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 bot-captcha Show response
xh5.ryymie.com/ 25 KB
12 KB 52ms
41ms Document
text/html 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xh5.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=5
Requested by: Host: h18.ryymie.com
URL: https://h18.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: bee06d27f31bb80bc088523ea15be7cf7c39a16dec1330f83f1907b478d9db4e

Request headers

Referer: https://h18.ryymie.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Mar 2024 03:52:41 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu3

GET
H2 200 img2.png
xh5.ryymie.com/images/bot-captcha/ 7 KB
7 KB 49ms
48ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xh5.ryymie.com/images/bot-captcha/img2.png
Requested by: Host: xh5.ryymie.com
URL: https://xh5.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 425c631201d7d64c4f5a934c39e7857279d9cf148900cb1f79c39ed29eb8d04c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xh5.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:41 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-1a99"
content-type: image/png
accept-ranges: bytes
x-zone: eu4
content-length: 6809

GET
H2 200 img3.png
xh5.ryymie.com/images/bot-captcha/ 12 KB
12 KB 52ms
52ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xh5.ryymie.com/images/bot-captcha/img3.png
Requested by: Host: xh5.ryymie.com
URL: https://xh5.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 4a18771cdff256e1f2575bae3a68f5b3ddac3660c37cdbfcecf1254c5927f43c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xh5.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:41 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-3038"
content-type: image/png
accept-ranges: bytes
x-zone: eu
content-length: 12344

GET
H2 200 img1.png
xh5.ryymie.com/images/bot-captcha/ 68 KB
68 KB 56ms
56ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xh5.ryymie.com/images/bot-captcha/img1.png
Requested by: Host: xh5.ryymie.com
URL: https://xh5.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 9dc15e2892ca9f3acda5aa7987586f4511deb6279067615285c049e6986ae0a8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xh5.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:41 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-10f6e"
content-type: image/png
accept-ranges: bytes
x-zone: eu3
content-length: 69486

GET
H3 200 sdk.js Show response
himgta.com/v1/ 13 KB
5 KB 59ms
59ms Script
application/javascript 2606:4700:3034::6815:42b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://himgta.com/v1/sdk.js?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6MiwicG0iOjJ9eyJ&d=ryymie.com&tpl=7&pbd=iOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsImkiOiI1In0=eyJwaWQ
Requested by: Host: xh5.ryymie.com
URL: https://xh5.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5071e0e67d26df6e91e0a1d5e89b9dd904db03c3965a0743fe2c72cd077ef812

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xh5.ryymie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4ClY4zfAnrrLszUOHJWtMF+9LWw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtajJwqaZ1W8r1wh9R1wTSPIh79XFd%2FK3Vwx0KtxIMdSYrch8gzz1mALQs%2BmXpx7Inl4bAJa1yXxIXM6lUaqzr6NvwHfre7bxlyCFbjhkNaXrZe3nFW50vR%2FTo3p%2FLRqzvhSqnQSFPup"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://ryymie.com
cache-control: public, max-age=14400
x-zone: eu
cf-ray: 860fdfbc7d180d61-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 bot-captcha Show response
sdb.ryymie.com/ 25 KB
12 KB 60ms
42ms Document
text/html 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sdb.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=6
Requested by: Host: xh5.ryymie.com
URL: https://xh5.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: af275f7873f170840c84eb5c22d58814e687ab5f0c68c30c3ddff845d876f61a

Request headers

Referer: https://xh5.ryymie.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Mar 2024 03:52:41 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu4

GET
H2 200 img2.png
sdb.ryymie.com/images/bot-captcha/ 7 KB
7 KB 40ms
40ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdb.ryymie.com/images/bot-captcha/img2.png
Requested by: Host: sdb.ryymie.com
URL: https://sdb.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 425c631201d7d64c4f5a934c39e7857279d9cf148900cb1f79c39ed29eb8d04c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://sdb.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:41 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-1a99"
content-type: image/png
accept-ranges: bytes
x-zone: eu4
content-length: 6809

GET
H2 200 img3.png
sdb.ryymie.com/images/bot-captcha/ 12 KB
12 KB 44ms
44ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdb.ryymie.com/images/bot-captcha/img3.png
Requested by: Host: sdb.ryymie.com
URL: https://sdb.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 4a18771cdff256e1f2575bae3a68f5b3ddac3660c37cdbfcecf1254c5927f43c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://sdb.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:41 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-3038"
content-type: image/png
accept-ranges: bytes
x-zone: eu
content-length: 12344

GET
H2 200 img1.png
sdb.ryymie.com/images/bot-captcha/ 68 KB
68 KB 47ms
46ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdb.ryymie.com/images/bot-captcha/img1.png
Requested by: Host: sdb.ryymie.com
URL: https://sdb.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 9dc15e2892ca9f3acda5aa7987586f4511deb6279067615285c049e6986ae0a8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://sdb.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:41 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-10f6e"
content-type: image/png
accept-ranges: bytes
x-zone: eu3
content-length: 69486

GET
H3 200 sdk.js Show response
himgta.com/v1/ 13 KB
5 KB 67ms
67ms Script
application/javascript 2606:4700:3034::6815:42b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://himgta.com/v1/sdk.js?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6MiwicG0iOjJ9eyJ&d=ryymie.com&tpl=7&pbd=iOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsImkiOiI2In0=eyJwaWQ
Requested by: Host: sdb.ryymie.com
URL: https://sdb.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d5745f638eeaefbcca623c2080ea77cc8598dd02bfacc8ee229d2fc8c25539b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://sdb.ryymie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"Y9PtCE1bOhAD2Q9MH409IX5e8qA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=or9Vj5ld3o3O254i6d2TBuS5om0rnZVv00V%2BvdlPZ2D7yjU4gl9BFhSLSlqK7NspqNG8WqT7NcWVlUL5lBCFHWoFkf47%2BEo76jXz8qQ2CtoCBvjiqUKHjCiyNUWZdmN5jWGQVrHC317N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://ryymie.com
cache-control: public, max-age=14400
x-zone: eu
cf-ray: 860fdfbdada10d61-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 bot-captcha Show response
6zm.ryymie.com/ 25 KB
12 KB 60ms
47ms Document
text/html 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://6zm.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=7
Requested by: Host: sdb.ryymie.com
URL: https://sdb.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 7d3c4904e44ea0e4f89e47895404ca4067a4fb48f7eb155fd7a67b81583f7175

Request headers

Referer: https://sdb.ryymie.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Mar 2024 03:52:42 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu3

GET
H2 200 img2.png
6zm.ryymie.com/images/bot-captcha/ 7 KB
7 KB 38ms
38ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6zm.ryymie.com/images/bot-captcha/img2.png
Requested by: Host: 6zm.ryymie.com
URL: https://6zm.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 425c631201d7d64c4f5a934c39e7857279d9cf148900cb1f79c39ed29eb8d04c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://6zm.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:42 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-1a99"
content-type: image/png
accept-ranges: bytes
x-zone: eu4
content-length: 6809

GET
H2 200 img3.png
6zm.ryymie.com/images/bot-captcha/ 12 KB
12 KB 47ms
46ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6zm.ryymie.com/images/bot-captcha/img3.png
Requested by: Host: 6zm.ryymie.com
URL: https://6zm.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 4a18771cdff256e1f2575bae3a68f5b3ddac3660c37cdbfcecf1254c5927f43c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://6zm.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:42 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-3038"
content-type: image/png
accept-ranges: bytes
x-zone: eu
content-length: 12344

GET
H2 200 img1.png
6zm.ryymie.com/images/bot-captcha/ 68 KB
68 KB 54ms
53ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6zm.ryymie.com/images/bot-captcha/img1.png
Requested by: Host: 6zm.ryymie.com
URL: https://6zm.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 9dc15e2892ca9f3acda5aa7987586f4511deb6279067615285c049e6986ae0a8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://6zm.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:42 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-10f6e"
content-type: image/png
accept-ranges: bytes
x-zone: eu3
content-length: 69486

GET
H3 200 sdk.js Show response
himgta.com/v1/ 13 KB
5 KB 55ms
55ms Script
application/javascript 2606:4700:3034::6815:42b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://himgta.com/v1/sdk.js?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6MiwicG0iOjJ9eyJ&d=ryymie.com&tpl=7&pbd=iOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsImkiOiI3In0=eyJwaWQ
Requested by: Host: 6zm.ryymie.com
URL: https://6zm.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75deecba21b76ca7e73ae35cf6f571a7520227cf666e6f6610fb99a39cb0eea8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://6zm.ryymie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5lYlVN3cqW4pHQ5dJrx7U/L21Cg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGGl7wrm3AzkHhgt1ueGWuLXXxxd6330qoAZS1NIwhSoVFi9G56v%2BywgFIATnqZZKqcL9QUBtqNGTBhF6uvqk7s3iJfiwWJmhPU6eidLXtcZrP5FOIbTXzucFmR4mXWyLhUG53NoGZyH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://ryymie.com
cache-control: public, max-age=14400
x-zone: eu
cf-ray: 860fdfbede1e0d61-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 bot-captcha Show response
ujg.ryymie.com/ 25 KB
12 KB 60ms
43ms Document
text/html 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ujg.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=8
Requested by: Host: 6zm.ryymie.com
URL: https://6zm.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 22d681d737dd950077e4a2a383d676572307078cb2ce219b677f439af717eabd

Request headers

Referer: https://6zm.ryymie.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Mar 2024 03:52:42 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu

GET
H2 200 img2.png
ujg.ryymie.com/images/bot-captcha/ 7 KB
7 KB 37ms
37ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ujg.ryymie.com/images/bot-captcha/img2.png
Requested by: Host: ujg.ryymie.com
URL: https://ujg.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 425c631201d7d64c4f5a934c39e7857279d9cf148900cb1f79c39ed29eb8d04c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ujg.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:42 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-1a99"
content-type: image/png
accept-ranges: bytes
x-zone: eu4
content-length: 6809

GET
H2 200 img3.png
ujg.ryymie.com/images/bot-captcha/ 12 KB
12 KB 43ms
42ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ujg.ryymie.com/images/bot-captcha/img3.png
Requested by: Host: ujg.ryymie.com
URL: https://ujg.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 4a18771cdff256e1f2575bae3a68f5b3ddac3660c37cdbfcecf1254c5927f43c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ujg.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:42 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-3038"
content-type: image/png
accept-ranges: bytes
x-zone: eu
content-length: 12344

GET
H2 200 img1.png
ujg.ryymie.com/images/bot-captcha/ 68 KB
68 KB 48ms
47ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ujg.ryymie.com/images/bot-captcha/img1.png
Requested by: Host: ujg.ryymie.com
URL: https://ujg.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 9dc15e2892ca9f3acda5aa7987586f4511deb6279067615285c049e6986ae0a8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ujg.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:42 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-10f6e"
content-type: image/png
accept-ranges: bytes
x-zone: eu3
content-length: 69486

GET
H3 200 sdk.js Show response
himgta.com/v1/ 13 KB
5 KB 56ms
55ms Script
application/javascript 2606:4700:3034::6815:42b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://himgta.com/v1/sdk.js?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6MiwicG0iOjJ9eyJ&d=ryymie.com&tpl=7&pbd=iOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsImkiOiI4In0=eyJwaWQ
Requested by: Host: ujg.ryymie.com
URL: https://ujg.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 216cede34d915ac7819447d27a9fcd25953b17a03e7c608b91bfb8133c556556

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ujg.ryymie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ZJOOOsAbXjdIT8hgwff09kigaTw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2B6Gf6FDUZ1M2yUTn%2Fn602varawGGlrYWdpGOVhYXV%2Bn5USYiQEFNgMDjj16bd7UTNK4On2zFJKuAfCKa8FcQG25hzhRRBfIlK%2FHtCr8uqhoUKayXmK%2Fk4Sm79NFZnrZxlqDhND5xipG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://ryymie.com
cache-control: public, max-age=14400
x-zone: eu
cf-ray: 860fdfbffe900d61-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 bot-captcha Show response
roh.ryymie.com/ 25 KB
12 KB 67ms
42ms Document
text/html 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://roh.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=9
Requested by: Host: ujg.ryymie.com
URL: https://ujg.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 700f7c7e4b6f7240c2e9cf8d275642d32b494991c78be5ae92388a0ae675f3db

Request headers

Referer: https://ujg.ryymie.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Mar 2024 03:52:42 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu

GET
H2 200 img2.png
roh.ryymie.com/images/bot-captcha/ 7 KB
7 KB 37ms
37ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roh.ryymie.com/images/bot-captcha/img2.png
Requested by: Host: roh.ryymie.com
URL: https://roh.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 425c631201d7d64c4f5a934c39e7857279d9cf148900cb1f79c39ed29eb8d04c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://roh.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:42 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-1a99"
content-type: image/png
accept-ranges: bytes
x-zone: eu4
content-length: 6809

GET
H2 200 img3.png
roh.ryymie.com/images/bot-captcha/ 12 KB
12 KB 42ms
42ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roh.ryymie.com/images/bot-captcha/img3.png
Requested by: Host: roh.ryymie.com
URL: https://roh.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 4a18771cdff256e1f2575bae3a68f5b3ddac3660c37cdbfcecf1254c5927f43c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://roh.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:42 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-3038"
content-type: image/png
accept-ranges: bytes
x-zone: eu
content-length: 12344

GET
H2 200 img1.png
roh.ryymie.com/images/bot-captcha/ 68 KB
68 KB 45ms
45ms Image
image/png 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roh.ryymie.com/images/bot-captcha/img1.png
Requested by: Host: roh.ryymie.com
URL: https://roh.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 9dc15e2892ca9f3acda5aa7987586f4511deb6279067615285c049e6986ae0a8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://roh.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:42 GMT
last-modified: Fri, 02 Feb 2024 10:17:33 GMT
server: nginx/1.25.0
etag: "65bcc13d-10f6e"
content-type: image/png
accept-ranges: bytes
x-zone: eu3
content-length: 69486

GET
H3 200 sdk.js Show response
himgta.com/v1/ 13 KB
5 KB 57ms
57ms Script
application/javascript 2606:4700:3034::6815:42b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://himgta.com/v1/sdk.js?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6MiwicG0iOjJ9eyJ&d=ryymie.com&tpl=7&pbd=iOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsImkiOiI5In0=eyJwaWQ
Requested by: Host: roh.ryymie.com
URL: https://roh.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4ffa81baaad370e0818cbfcd8017d97f21aa0915c7e2474a4275e4b8721035c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://roh.ryymie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"nYJO6XGoiph9S5OPhcKAloSxed8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUo1YQb8HhhyUAWUXt11ghpbkkFZW6a2amnXqf8Du%2BMKsSiOQb%2BWQF%2FGkrrayzNE%2BpRTTni78UB1SHOSAPtNnVS%2FTti%2FJzBLQ%2FuibV%2F8WX%2FMrW2JdFO35B3KKF3dBocpTs%2BmzVj39BZD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://ryymie.com
cache-control: public, max-age=14400
x-zone: eu
cf-ray: 860fdfc12f190d61-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 phtbload Show response
wokoez.com/ 150 B
307 B 118ms
37ms Fetch
application/javascript 2a02:b4a:1:7::9165:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wokoez.com/phtbload?a=1&e=aeyJwaWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzJ9
Requested by: Host: roh.ryymie.com
URL: https://roh.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9165:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 9d3fc0a3f3ebfbf5c57b425981294139b697dba5fe0179e9bfc812f29db5644d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://roh.ryymie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Mar 2024 03:52:42 GMT
content-encoding: gzip
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2

200

fp.html Show response
ceigix.com/
Redirect Chain

https://wokoez.com/cuclc?aid=4632345480119864433&t=1709869962&s=1169027
https://ceigix.com/fp.html?rid=4632345480119864433_2&sd=aHR0cHM6Ly93b2tvZXouY29t&ru=aHR0cHM6Ly9tYXRhb3JhbnNvbGRhLmNvbS9saW5rP3o9Njg0OTMzNiZ2YXI9YTQ4OTgzMiZ5bWlkPWEyXzQ2MzIzNDU0ODAxMTk4NjQ0MzNfNDg5O...

30 KB
12 KB

126ms
43ms

Document
text/html

31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ceigix.com/fp.html?rid=4632345480119864433_2&sd=aHR0cHM6Ly93b2tvZXouY29t&ru=aHR0cHM6Ly9tYXRhb3JhbnNvbGRhLmNvbS9saW5rP3o9Njg0OTMzNiZ2YXI9YTQ4OTgzMiZ5bWlkPWEyXzQ2MzIzNDU0ODAxMTk4NjQ0MzNfNDg5ODMyXzJfMA==
Requested by: Host: roh.ryymie.com
URL: https://roh.ryymie.com/bot-captcha?h=waWQiOjEwNjI0NjIsInNpZCI6MTI3NjA3OCwid2lkIjo0ODk4MzIsInNyYyI6Mn0=eyJ&i=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: e5f14041768342aa780a55e702a30d939563af64fb2c19e37568bfa049a5694a

Request headers

Referer: https://roh.ryymie.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Mar 2024 03:52:42 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu4

Redirect headers

content-length: 330
content-type: text/html; charset=utf-8
date: Fri, 08 Mar 2024 03:52:42 GMT
location: https://ceigix.com/fp.html?rid=4632345480119864433_2&sd=aHR0cHM6Ly93b2tvZXouY29t&ru=aHR0cHM6Ly9tYXRhb3JhbnNvbGRhLmNvbS9saW5rP3o9Njg0OTMzNiZ2YXI9YTQ4OTgzMiZ5bWlkPWEyXzQ2MzIzNDU0ODAxMTk4NjQ0MzNfNDg5ODMyXzJfMA==
server: nginx/1.18.0

GET
H2 200 sfd
wokoez.com/ 0
71 B 34ms
34ms XHR
text/plain 2a02:b4a:1:7::9165:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wokoez.com/sfd?a=1&fp=4adc8899b8aa2c1e75b14a7c2312e10d&rid=4632345480119864433_2&dw=1600&dh=1200&tz=1&ult=2024-03-08%2004:52:42&so=landscape-primary&if=0&bt=100
Requested by: Host: ceigix.com
URL: https://ceigix.com/fp.html?rid=4632345480119864433_2&sd=aHR0cHM6Ly93b2tvZXouY29t&ru=aHR0cHM6Ly9tYXRhb3JhbnNvbGRhLmNvbS9saW5rP3o9Njg0OTMzNiZ2YXI9YTQ4OTgzMiZ5bWlkPWEyXzQ2MzIzNDU0ODAxMTk4NjQ0MzNfNDg5ODMyXzJfMA==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9165:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ceigix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Mar 2024 03:52:42 GMT
server: nginx/1.18.0
content-length: 0

GET
H2

200

r.html Show response
cdntechone.com/
Redirect Chain

https://mataoransolda.com/link?z=6849336&var=a489832&ymid=a2_4632345480119864433_489832_2_0
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6849336&axcusid1=a489832&clid={ymid}&r=http%3A%2F%2Fmataoransolda.com%2Flink%3Fz%3D6849336%26var%3Da489832%26ymid%3Da...

22 KB
9 KB

106ms
57ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6849336&axcusid1=a489832&clid={ymid}&r=http%3A%2F%2Fmataoransolda.com%2Flink%3Fz%3D6849336%26var%3Da489832%26ymid%3Da2_4632345480119864433_489832_2_0%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505
Requested by: Host: ceigix.com
URL: https://ceigix.com/fp.html?rid=4632345480119864433_2&sd=aHR0cHM6Ly93b2tvZXouY29t&ru=aHR0cHM6Ly9tYXRhb3JhbnNvbGRhLmNvbS9saW5rP3o9Njg0OTMzNiZ2YXI9YTQ4OTgzMiZ5bWlkPWEyXzQ2MzIzNDU0ODAxMTk4NjQ0MzNfNDg5ODMyXzJfMA==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 785c9ae55eb9710019f4b32060731514e6bf11d2fb96e0c5bc5dec7d2bfc9319

Request headers

Referer: https://ceigix.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 860fdfc60f2fbab1-MXP
content-encoding: br
content-type: text/html
date: Fri, 08 Mar 2024 03:52:43 GMT
last-modified: Wed, 07 Feb 2024 12:51:04 GMT
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdYpU3llcPtk8YqeuGi3dxU8pIwWC5MmGZoIVZrKt5azUQpF5T8rCTZoZ3wMTRBTOkssSmwxbuDznVDo%2F%2FC1VvkwM%2BdSTJbZhhIQKM3YimOx5tvD4LZvtFaLo%2B17Beu681XUCYDRuxxqfIW52Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Fri, 08 Mar 2024 03:52:43 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://cdntechone.com>; rel="dns-prefetch preconnect"
location: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6849336&axcusid1=a489832&clid={ymid}&r=http%3A%2F%2Fmataoransolda.com%2Flink%3Fz%3D6849336%26var%3Da489832%26ymid%3Da2_4632345480119864433_489832_2_0%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
x-content-type-options: nosniff

POST
H/1.1 200
OK add
datatechone.com/log/ 2 B
467 B 121ms
34ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853&ruid=3204b7c6-f7d2-4f51-b42a-b0cf3e952323
Requested by: Host: cdntechone.com
URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6849336&axcusid1=a489832&clid={ymid}&r=http%3A%2F%2Fmataoransolda.com%2Flink%3Fz%3D6849336%26var%3Da489832%26ymid%3Da2_4632345480119864433_489832_2_0%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

Referer: https://cdntechone.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 08 Mar 2024 03:52:43 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://cdntechone.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2

200

link
mataoransolda.com/
Redirect Chain

http://mataoransolda.com/link?z=6849336&var=a489832&ymid=a2_4632345480119864433_489832_2_0&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505
https://mataoransolda.com/link?z=6849336&var=a489832&ymid=a2_4632345480119864433_489832_2_0&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505

2 KB
2 KB

43ms
43ms

Document
text/html

139.45.196.64
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mataoransolda.com/link?z=6849336&var=a489832&ymid=a2_4632345480119864433_489832_2_0&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505

Requested by

Host: cdntechone.com
URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6849336&axcusid1=a489832&clid={ymid}&r=http%3A%2F%2Fmataoransolda.com%2Flink%3Fz%3D6849336%26var%3Da489832%26ymid%3Da2_4632345480119864433_489832_2_0%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.64 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6849336&axcusid1=a489832&clid={ymid}&r=http%3A%2F%2Fmataoransolda.com%2Flink%3Fz%3D6849336%26var%3Da489832%26ymid%3Da2_4632345480119864433_489832_2_0%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Fri, 08 Mar 2024 03:52:43 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://worldfreshjournal.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 384126d6ce34cfaba2600cd0c7d199fe

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://mataoransolda.com/link?z=6849336&var=a489832&ymid=a2_4632345480119864433_489832_2_0&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505
Non-Authoritative-Reason: HSTS

POST
H2 200 img.gif
my.rtmark.net/ 43 B
508 B 123ms
47ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=0480198604c94e6de57713d1d17972a7

Requested by

Host: mataoransolda.com
URL: https://mataoransolda.com/link?z=6849336&var=a489832&ymid=a2_4632345480119864433_489832_2_0&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://mataoransolda.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 / Show response
worldfreshjournal.com/ 42 KB
14 KB 158ms
87ms Document
text/html 172.64.196.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Requested by: Host: mataoransolda.com
URL: https://mataoransolda.com/link?z=6849336&var=a489832&ymid=a2_4632345480119864433_489832_2_0&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: c143e6d84c9d1bcca5d221a8430b357e02a438178d2a58e473c0505aabbff7be

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 860fdfc849b52c26-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 08 Mar 2024 03:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3TQuR4uTBbHTMCibuCY4YMjYvxv4vdqLiiUFH95x45W1A5eB9PJGJ0VcyLbPiQnodxqutOtGGFY%2B1Qxvjh1JMHQkGzGMjnE1Bp2jqJ8DWxyxq0d1Uhz6b7YB%2BIVNW9vNFgypzGjsKY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
547 B 44ms
44ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=d52d5df177f4bbca4be5525870b74140

Requested by

Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

119023b23b71daaac29297729dddbf24f88960a4c310d8227e3badf81a776e01

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://worldfreshjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://worldfreshjournal.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
worldfreshjournal.com/pfe/current/ 35 KB
13 KB 56ms
56ms Script
application/javascript 172.64.196.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76d2557eeb69b8934253e2892c6a80cf8f27ecb31ca33605d798007a9b73d541

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 03:52:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 05 Mar 2024 15:56:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65e740c4-8a1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYBTMMBqbKeLZAje3ACm6sFtQ5kCsidMzvxYXygBGvjPeH77RUbgeBtFmT%2BlK0OB225CFdv2TDZx%2BhN0WI9FETuuJautnXunWlC9VlLP1mkqRL63jovAutyxOirrIOJsrI5WZGuDh9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 860fdfc8da032c26-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
worldfreshjournal.com/19/4662728/ 3 KB
2 KB 50ms
50ms XHR
application/json 172.64.196.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://worldfreshjournal.com/19/4662728/?abt_opts=1&var=6849338&var3=789814473669222655&ymid=&rhd=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f06f8af82e74d695787c8c3edb56d9ff7193ad3d6e9b42deb3ec9472314d579

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: d5cd4fc7a6753126bb879715adef81e2
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbfK62w9Iq5OHhlahSgDOPEREfLTLF23bfVm7RHesN3BFsZUrlMylIW%2FY0dQy9Mz9bNtDnHgQ%2Fp7QOdkW33IDWBLycSIRAO8N2jE6KgUqJHK2tIIoAW%2FjOhdsZ4Xp62Oorn1P1Dyec0%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 860fdfc8da092c26-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 / Show response
worldfreshjournal.com/ 2 B
414 B 60ms
60ms XHR
application/json 172.64.196.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&mprtr=1
Requested by: Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4IE%2FcpKhOqt10mpsTgLX3XDpLZ8DWZviDL41mOsZmqCIYVi14eNRdAl1ZEV16uhw6nj3ECoDlMlf2jH34KDBxC9nVM9OMYrlA9kUaoYmfI8jS2VmlQ%2FP7ar9CxiNa5uR7XHXhlfoX4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 860fdfc8da0b2c26-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET rhd
worldfreshjournal.com/ 0
0

POST custom
jouteetu.net/ 0
0

GET
H2 200 4662709
worldfreshjournal.com/sw-check-permissions/ 0
976 B 49ms
49ms Other
application/javascript 172.64.196.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worldfreshjournal.com/sw-check-permissions/4662709?var=6849338&ymid=789814473669222655&uhd=1&zoneId=4662709
Requested by: Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKDOyb6yBtclIgDDRbunbE3lS4aPO6kV9UQ7ERiDsKefJRmdcHUgcTpAK%2FID2ZdOwwIbtMl4dDe2pKKJfaQZT7YsAfgf5sxkxC%2BuoSdKuUN1HgmglQF21nqiY8wuA%2BRQSzxuoA4Itxs%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 860fdfc94a442c26-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 113ms
37ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://worldfreshjournal.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 zone
worldfreshjournal.com/ 0
357 B 53ms
52ms Ping
text/plain 172.64.196.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://worldfreshjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=worldfreshjournal.com&var=6849338&ymid=789814473669222655&var_3=&var_4=&dsig=&tg=1&sw=3.1.495&trace_id=856ebc63-f44c-46f0-bf97-934fb7eb1f03&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-trace-id: fad5da3b5c5f971622279ca0db42a129
date: Fri, 08 Mar 2024 03:52:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnGP9vS1qIrZ6BLEdwV7BFLhnp3CEUltOqhcjD6kG7aQ3nhrfuUO2wKkVtSVwdA%2BGNRp0B7yqMlluOJp66uPwcA0fWlTEE1WTI1QHs1De7OTFJfTBFtxROlWC1b%2BDvGXjXo7vz9xEhk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://worldfreshjournal.com
access-control-allow-credentials: true
cf-ray: 860fdfc94a472c26-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 114ms
38ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://worldfreshjournal.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST custom
jouteetu.net/ 0
0

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
547 B 38ms
37ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=789814473669222655&var=6849338

Requested by

Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

119023b23b71daaac29297729dddbf24f88960a4c310d8227e3badf81a776e01

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://worldfreshjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://worldfreshjournal.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST custom
jouteetu.net/ 0
0

GET
H3 200 zone
worldfreshjournal.com/ 798 B
1 KB 46ms
45ms Fetch
application/json 172.64.196.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://worldfreshjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=worldfreshjournal.com&var=6849338&ymid=789814473669222655&var_3=&var_4=&dsig=&tg=1&sw=3.1.495&trace_id=856ebc63-f44c-46f0-bf97-934fb7eb1f03&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: d6be3dff5fdd2a526a449160492ceb27
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZUGV33ETGtU645AOVzpbqnJRsucy7YXf%2FMZ4lLGaN5fce2zKtGV3Z2m7ZWZ9zAB%2FJBx8q9FGQhfr0VR%2BuwjLQaU8y7CKKQ%2FbDze6DXdw20ApHEgBB24nOQVOQgFEnNVsh9uj93Imag%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 860fdfc95fd03720-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

POST custom
jouteetu.net/ 0
0

GET
H3 200 / Show response
worldfreshjournal.com/ 42 KB
14 KB 73ms
73ms Document
text/html 172.64.196.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Requested by: Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: f6c10f3a1cb50d433d2c7940b8e70a9c7f5e3d1d4dc4432bc887c92fed7150d3

Request headers

Referer: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 860fdfc98fea3720-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 08 Mar 2024 03:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qe0CyZbKc9NKfDRlJwRy%2F1wzvxeMLWerylhxPWMtUpnV48KROupMWnZ41MnX7tbzD37oA3kzaDlQjW1ZQ5WENMxnbkMI2j6eXKIwBO6Un8I2RD82tKaYVKKPpDS14fGrrRDyOC5g5N0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

POST custom
jouteetu.net/ 0
0

GET
H3 200 micro.tag.min.js Show response
worldfreshjournal.com/pfe/current/ 35 KB
13 KB 51ms
51ms Script
application/javascript 172.64.196.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76d2557eeb69b8934253e2892c6a80cf8f27ecb31ca33605d798007a9b73d541

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 03:52:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 05 Mar 2024 15:56:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65e740c4-8a1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6T56yPF%2Fp7Q0GxJsQUSnnEb12Nwh1BQJ8DklQQ8uNyvnnCa%2Bqz8VhG0YH2GXWpLOKGJoak6nBDjEPQUsOcdlIhqnHduMnqtsr9hWZlQbPlQj%2BRuGj%2FniN8nHj8dtDmLtytpohDMLWY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 860fdfca08383720-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 / Show response
worldfreshjournal.com/19/4662728/ 3 KB
2 KB 43ms
43ms XHR
application/json 172.64.196.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://worldfreshjournal.com/19/4662728/?abt_opts=1&var=6849338&var3=789814473669222655&ymid=&rhd=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c90a2fc7531b67cce6c4de6252a1677a1780dfc333de7b35f4648b2466c6d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 5435bbdd87bf61bc97b91d1f0859575c
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ht6RwkbuQkBtAi4m8ifA2OgNkMW6SgnzftYLe0GDch2et5qGpXCnM7kFpWn%2Bj1idKS5mprjuy5h9w%2BzYZNBBicq3saaIVUc%2FuJocAT6xg6YSvGi%2Fe5dkKWvGt1k5VRg%2F5KNmCcMqgK0%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 860fdfca08393720-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H3 200 / Show response
worldfreshjournal.com/ 2 B
539 B 51ms
51ms XHR
application/json 172.64.196.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2&mprtr=1
Requested by: Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8t6jKi%2FYQ0Pk4mbj%2F0NxU9L%2Fr7ys8fW3a1a9m%2BxhrDKk8qGeiR6QJVq%2FKGSg0dKDSAStvQUXL0p6psX9zkWuI4k%2F7Bf6OuzB3KJGgzWSC66kKcPv%2BcM3dml3UYVOirOnvkRDTmd407A%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 860fdfca28473720-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd Show response
worldfreshjournal.com/ 3 KB
3 KB 168ms
168ms Fetch
application/json 172.64.196.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://worldfreshjournal.com/rhd?rb=EJK6sFLEIiGKW41dqShDd1iTmicxpzNMRXjDEptm27G9TK8cmdi8_uklxJ53EOX6cCLj8n6R3zcN1dTTlaqxFs9r0pkcIvEVGoIqp2CYNQXghpKeFzQHoEhjrfm_HhsHq6c5BZqz3RWnJK0QEf2fGrxtkSaDXEfNRqqjV_joyPL7jpxQJaJtZNMh4E-KOyqa72xyTFtaJNBxZM7MOlhKzes8F1v5lJxCG_en18pBNt2vtKvtouh4I62DkiwmwySGfzJ1J066cGK2v1BBVUk8Zb3pFNOOcnfhIogcdWmocGxOjy2RSWrk-vkRTRibHlLnHDUr8X2S5VIp15BIiiCmB9dUU6b6swLr-Dxg8XwwHEpUSi469pgmUTM8Zxp8JtPXfdfXtF1MOdTth26iYzEHC0rI9h0lpEHMHXlO-REK8kcPRQbLENg_7LnNdkvWYZINmLmWIUhqXjV2SCxH_FzNh6KyOqoJvJm5plkKvmcqhbChaFr-DKACkchzYkK5iUtYFTCviTTRndWxiMaqzDhEZTfqYwTfGC9KBWt5vAMu26C51gFs&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fworldfreshjournal.com%2F%3Fs%3D789814473669222655%26ssk%3Db5f26fa7cc263afb2e6daf1191689d5e%26svar%3D1709869963%26z%3D6849338%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D%26rdc%3D2&drf=https%3A%2F%2Fworldfreshjournal.com%2F%3Fs%3D789814473669222655%26ssk%3Db5f26fa7cc263afb2e6daf1191689d5e%26svar%3D1709869963%26z%3D6849338%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6849338&var3=789814473669222655&ymid=&rhd=1&m=link

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a16931178b75b2750febc44c306b36fc6b9cc118064921a40091f47058bdc452

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 8286579968a7ba9cbe8697cbdf1dedef
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDMUTPYU5KBGw43RWMjs6deUMPagpWM2GbFDWCByXLOwQ3LZG3IhSY%2BVuLWaiBBAyXzugB2aoaQkxna5dn2TFuTt7sUBW%2FHRacdx3iGSJLWI0xUlUBmfEGYZXPqDgenOeuzxhms3xfw%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 860fdfca58603720-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 custom
jouteetu.net/ 0
0 35ms
34ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://worldfreshjournal.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 4662709
worldfreshjournal.com/sw-check-permissions/ 0
1011 B 51ms
51ms Other
application/javascript 172.64.196.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worldfreshjournal.com/sw-check-permissions/4662709?var=6849338&ymid=789814473669222655&uhd=1&zoneId=4662709
Requested by: Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XRe64HU5wJMKmDoHpjS6WcGddADasJ0GWF%2FAvRaRKvTfgTR%2BfgmBPFF0tsk3u011IFn0532vVG%2FUsfd8fN7W%2B35qJ75hTzAQ7L%2Bhr2bpxRkBjlWLZiqO6SUDsXrBePNsncy9Vyx3TY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 860fdfca68693720-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 31ms
30ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://worldfreshjournal.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 200 zone
worldfreshjournal.com/ 0
498 B 49ms
49ms Ping
text/plain 172.64.196.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://worldfreshjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=worldfreshjournal.com&var=6849338&ymid=789814473669222655&var_3=&var_4=&dsig=&tg=1&sw=3.1.495&trace_id=bdeb2ce0-1a42-4330-b888-9887b73f3999&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-trace-id: f3978d014b230a2b1a68cdd422fd7f87
date: Fri, 08 Mar 2024 03:52:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcmjK1nO%2F8E7VsrqRMMgriMX0VHn1osIu6VXC4oDWCIb1CfpO8sNDAygHR5R2Ym4f%2BpAXBrUcKBKrVZ%2FntVSeWSKLb6UvRKoeTpobnsw2McHXq6lIkc5hIjFQt3NUEXBMPlmz2jhYEY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://worldfreshjournal.com
access-control-allow-credentials: true
cf-ray: 860fdfca686a3720-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 34ms
34ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://worldfreshjournal.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 31ms
31ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://worldfreshjournal.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
547 B 35ms
35ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=789814473669222655&var=6849338

Requested by

Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

119023b23b71daaac29297729dddbf24f88960a4c310d8227e3badf81a776e01

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://worldfreshjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://worldfreshjournal.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 custom
jouteetu.net/ 0
0 32ms
31ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://worldfreshjournal.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 34ms
33ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://worldfreshjournal.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 32ms
31ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://worldfreshjournal.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zone Show response
worldfreshjournal.com/ 798 B
985 B 50ms
50ms Fetch
application/json 172.64.196.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://worldfreshjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=worldfreshjournal.com&var=6849338&ymid=789814473669222655&var_3=&var_4=&dsig=&tg=1&sw=3.1.495&trace_id=bdeb2ce0-1a42-4330-b888-9887b73f3999&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c2749336c9f0068187bf4582ad9be41dcc152df001987777864e9429d1e5a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: f735344d6527f5a579afa78a22035130
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FKwHEsJYSa7Q7086YW8rgClD603ODuCiPO0sU7AUxCSPbrFJQiuh87mg5tfIV4j9Eormkx8Gcf8HS1fxenY0tHC8kcmBhdpxlVesrq0Iby7oD9AAXdv%2F%2BgJT55Utg6jPa6wZjVfvrM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 860fdfca686f3720-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

POST
H2 200 custom
jouteetu.net/ 0
0 32ms
31ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://worldfreshjournal.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 31ms
31ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: worldfreshjournal.com
URL: https://worldfreshjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789814473669222655&var=6849338&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://worldfreshjournal.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2

200

Primary Request red-door.htm Show response
www.888casino.it/offerta-speciale/
Redirect Chain

http://34.102.137.201/2/PU_IT_PA_CS_DT_888?source=4662728&geo=IT&device_type=desktop&browser_type=chrome&os=windows&region=ce&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWe...
https://ic.aff-handler.com/c/48365?sr=1842791
https://www.888casino.it/offerta-speciale/red-door.htm?sr=1842791&mm_id=48365&utm_source=aff&utm_medium=casap&utm_content=100138643&utm_campaign=100138643_1842791_nodescription
https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff

53 KB
18 KB

43ms
42ms

Document
text/html

13.32.121.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-89.fra60.r.cloudfront.net

Software

Resource Hash

f9aef914d782ee82c5a2c2e65b6514af8cc85f51a1ad28ecf5f8390a4e3a3da9

Security Headers

Name

Value

Content-Security-Policy

frame-ancestors 'self' *.genesazrak.com *.888casinoarabic.net *.arabiccasino888.com *.casinoarabic888.com *.casinoarabic-888.com *.888-casinoarabic.com *.888casino-arabic.com http://wrapper.safe-installation.com/ https://wrapper.safe-installation.com/ http://localhost:* https://localhost:* *.bingosys.net *.secured-igaming-usa.com *.888.pt *.sisportsbook.com *.888poker.de *.888slots.de *.safe-iplay.com http://*.safe-iplay.com http://*.888sport.com http://*.sisportsbook.com http://*.secured-igaming-usa.com *.safe-installation.com *.payoutscentral.com *.triple8holdem.com *.888.com *.secured-qa.com *.secured-registration.com *.secureutils.com *.images4us.com *.onlinepersonalmessages.com *.888sport.com *.888sport.es *.888sport.it *.888sport.dk *.888sport.ro *.888sport.se *.888sport.us *.888sport.de *.777.com *.personalinfoonline.com *.888.de *.888casino.com *.888poker.com *.888casino.dk *.888poker.dk *.888.de *.888casino.ro *.888poker.ro *.888casino.se *.888poker.se *.888casino.es *.888poker.es *.888casino.it *.888poker.it *.888casino.us *.888poker.us *.888ladies.com *.888.pt cmsp *.harrahscasino.com *.wsop.com *.delawarepark.com *.doverdowns.com *.harringtongamingonline.com *.secured-igaming-services.com *.secured-igaming-usa.com *.igaming-services.com *.888.ca *.888casino.ca *.888poker.ca *.888sport.ca *.888.nl *.888casino.nl *.888poker.nl *.888sport.nl *.ar-888-casino.com *.888casino-ar.com *.ar888-casino.com *.arab888-casino.com *.casinoelarab-888.com *.alarab-888casino.com *.casinoalarab-888.com *.888casino-alarab.com *.888casino-arabian.com *.arabian-888casino.com *.888-casino-arabian.com *.888-casino-alarab.com *.ballysdover.com *.888casino-uae.com *.playat888-games.com *.888casino-game.com *.online-arabic-casino.net *.tripleeight.live *.playat888online.com *.888games-uae.com *.triple-eight-games.com *.play-casino-now.com *.888slots-uae.com *.888-uae.com *.mrgreen.de *.mrgreen.se *.mrgreen.com *.mrgreen.dk *.williamhill.com *.williamhill.local *.williamhill-pp2.com *.clevernt.com *.cleverwebserver.com

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 875
alt-svc: h3=":443"; ma=86400
apigw-requestid: USo1QjJKDoEEP-A=
cache-control: max-age=1800, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.genesazrak.com *.888casinoarabic.net *.arabiccasino888.com *.casinoarabic888.com *.casinoarabic-888.com *.888-casinoarabic.com *.888casino-arabic.com http://wrapper.safe-installation.com/ https://wrapper.safe-installation.com/ http://localhost:* https://localhost:* *.bingosys.net *.secured-igaming-usa.com *.888.pt *.sisportsbook.com *.888poker.de *.888slots.de *.safe-iplay.com http://*.safe-iplay.com http://*.888sport.com http://*.sisportsbook.com http://*.secured-igaming-usa.com *.safe-installation.com *.payoutscentral.com *.triple8holdem.com *.888.com *.secured-qa.com *.secured-registration.com *.secureutils.com *.images4us.com *.onlinepersonalmessages.com *.888sport.com *.888sport.es *.888sport.it *.888sport.dk *.888sport.ro *.888sport.se *.888sport.us *.888sport.de *.777.com *.personalinfoonline.com *.888.de *.888casino.com *.888poker.com *.888casino.dk *.888poker.dk *.888.de *.888casino.ro *.888poker.ro *.888casino.se *.888poker.se *.888casino.es *.888poker.es *.888casino.it *.888poker.it *.888casino.us *.888poker.us *.888ladies.com *.888.pt cmsp *.harrahscasino.com *.wsop.com *.delawarepark.com *.doverdowns.com *.harringtongamingonline.com *.secured-igaming-services.com *.secured-igaming-usa.com *.igaming-services.com *.888.ca *.888casino.ca *.888poker.ca *.888sport.ca *.888.nl *.888casino.nl *.888poker.nl *.888sport.nl *.ar-888-casino.com *.888casino-ar.com *.ar888-casino.com *.arab888-casino.com *.casinoelarab-888.com *.alarab-888casino.com *.casinoalarab-888.com *.888casino-alarab.com *.888casino-arabian.com *.arabian-888casino.com *.888-casino-arabian.com *.888-casino-alarab.com *.ballysdover.com *.888casino-uae.com *.playat888-games.com *.888casino-game.com *.online-arabic-casino.net *.tripleeight.live *.playat888online.com *.888games-uae.com *.triple-eight-games.com *.play-casino-now.com *.888slots-uae.com *.888-uae.com *.mrgreen.de *.mrgreen.se *.mrgreen.com *.mrgreen.dk *.williamhill.com *.williamhill.local *.williamhill-pp2.com *.clevernt.com *.cleverwebserver.com
content-type: text/html; charset=utf-8
date: Fri, 08 Mar 2024 03:38:09 GMT
p3p: CP="Read our privacy policy at http://www.888.com/security-and-privacy/privacy-policy.htm"
srv: 44301334
vary: Accept-Encoding,User-Agent,Cookie
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
x-amz-cf-id: wErbELKL2XHQ97z8NdByhcfyTle9TE1zP0qeqilsVsBmCwTzGi6iUA==
x-amz-cf-pop: FRA60-P1
x-cache: Hit from cloudfront
x-wcs-correlation-id: NKSyuSG5tDApivKBGr9InGuzBI9lXP9daMOkeB9KO3I8xah3_7PatQ==

Redirect headers

age: 1070
alt-svc: h3=":443"; ma=86400
apigw-requestid: USoW0jcIjoEEPgg=
cache-control: max-age=1800, must-revalidate
content-length: 0
date: Fri, 08 Mar 2024 03:34:54 GMT
location: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
vary: Cookie
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
x-amz-cf-id: ou-Pc4J7X1kYXerb7XOc-F4A_IxPnoAWRDL_UxwIsdDAjVCdtq8HEg==
x-amz-cf-pop: FRA60-P1
x-cache: Hit from cloudfront
x-wcs-correlation-id: 90q7NNmB-A11vaCQsLEHn4k1mlUHwqsPW6ZYKSSUhiILjvUHAb9Lag==

POST
H3 200 cat.php
worldfreshjournal.com/ 0
772 B 41ms
41ms Ping
text/plain 172.64.196.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://worldfreshjournal.com/cat.php?userId=d52d5df177f4bbca4be5525870b74140&zoneid=4662728&rb=EJK6sFLEIiGKW41dqShDd1iTmicxpzNMRXjDEptm27G9TK8cmdi8_uklxJ53EOX6cCLj8n6R3zcN1dTTlaqxFs9r0pkcIvEVGoIqp2CYNQXghpKeFzQHoEhjrfm_HhsHq6c5BZqz3RWnJK0QEf2fGrxtkSaDXEfNRqqjV_joyPL7jpxQJaJtZNMh4E-KOyqa72xyTFtaJNBxZM7MOlhKzes8F1v5lJxCG_en18pBNt2vtKvtouh4I62DkiwmwySGfzJ1J066cGK2v1BBVUk8Zb3pFNOOcnfhIogcdWmocGxOjy2RSWrk-vkRTRibHlLnHDUr8X2S5VIp15BIiiCmB9dUU6b6swLr-Dxg8XwwHEpUSi469pgmUTM8Zxp8JtPXfdfXtF1MOdTth26iYzEHC0rI9h0lpEHMHXlO-REK8kcPRQbLENg_7LnNdkvWYZINmLmWIUhqXjV2SCxH_FzNh6KyOqoJvJm5plkKvmcqhbChaFr-DKACkchzYkK5iUtYFTCviTTRndWxiMaqzDhEZTfqYwTfGC9KBWt5vAMu26C51gFs&var=6849338&var3=789814473669222655&ymid=&rhd=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.196.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 08 Mar 2024 03:52:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-trace-id: 57b2f14896424b91cb5dac9986b62d78
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5quDprTMrJsAmGQxDrUA3OlN%2Fe8X%2F39zHkUu5LBoatDH4d8uE088rjZ0KWy%2BbQ5KHEOcdz2CD7aIbsR8fa9B32gTeoib57o6j%2BI%2BF%2ByuxWV%2B%2Fm%2FAEc4K7NcnSeW8mnsA5KUPSvNsiI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://worldfreshjournal.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 860fdfcdca903720-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 funnel-data-v5.min.js Show response
www.888casino.it/js/ 11 KB
3 KB 29ms
29ms Script
text/javascript 13.32.121.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.888casino.it/js/funnel-data-v5.min.js?x=1.2.141
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-89.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b23530a4d5c362f622fa45bd5cb727b04ba6a969d3de2ecac4fe494d2bae87a6

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:31:30 GMT
content-encoding: br
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
last-modified: Mon, 16 Oct 2023 07:45:51 GMT
server: AmazonS3
age: 1276
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
etag: W/"c21b3fe665c58da77b47efe48edec070"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: WL9_lpnpHmeeLosGfPfiBGebPMx6xgzfczF8Lc5WXAOuNXoaOIzjFg==

GET
H2 200 jquery-lib.js Show response
storage.googleapis.com/cw-prod/ 86 KB
30 KB 105ms
43ms Script
application/javascript 2a00:1450:4001:82b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/cw-prod/jquery-lib.js
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b3cc520b32db55dce4fc3c1da2431c2180fbbb2196b62f4f7c1cccd90a79294b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:45 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPqmujQRLExZ7aKSBWjcx8r4uDojYE8lgVypigxghHOpOMZyxm3GJ9uHl3rbZThbMCeNxLbekQWMmQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30653
last-modified: Wed, 06 Mar 2024 13:43:13 GMT
server: UploadServer
etag: "22010d0c9912c5824e77acf9895ce2f4"
x-goog-generation: 1709732593682329
x-goog-hash: crc32c=bQ0kyg==, md5=IgENDJkSxYJOd6z5iVzi9A==
content-type: application/javascript
cache-control: no-cache,max-age=0,no-transform
x-goog-stored-content-length: 30653
accept-ranges: bytes
expires: Fri, 08 Mar 2024 03:52:45 GMT

GET
H2 200 27183480759 Show response
optimizely-edge.com/edge-client/v1/15304250335/ 23 KB
9 KB 100ms
44ms Script
application/javascript 2606:4700::6812:a658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optimizely-edge.com/edge-client/v1/15304250335/27183480759
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59741d83b5c94e924ea038afd91e98348045c4f14f9218924167369dd7225a8b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:45 GMT
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
cf-ray: 860fdfd199400d55-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 acqFullBackground.css
www.888casino.it/IT/CSS/main-files/ 33 KB
7 KB 31ms
31ms Stylesheet
text/css 13.32.121.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.888casino.it/IT/CSS/main-files/acqFullBackground.css

Requested by

Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff

Protocol

Security

QUIC, , AES_128_GCM

Server

13.32.121.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-89.fra60.r.cloudfront.net

Software

Resource Hash

0f5103d82f2fe4fbee1718d1d0b3691c91d4dcb2200d1ca122fe0d21132b5171

Security Headers

Name

Value

Content-Security-Policy

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:31:29 GMT
content-security-policy: frame-ancestors 'self' *.genesazrak.com *.888casinoarabic.net *.arabiccasino888.com *.casinoarabic888.com *.casinoarabic-888.com *.888-casinoarabic.com *.888casino-arabic.com http://wrapper.safe-installation.com/ https://wrapper.safe-installation.com/ http://localhost:* https://localhost:* *.bingosys.net *.secured-igaming-usa.com *.888.pt *.sisportsbook.com *.888poker.de *.888slots.de *.safe-iplay.com http://*.safe-iplay.com http://*.888sport.com http://*.sisportsbook.com http://*.secured-igaming-usa.com *.safe-installation.com *.payoutscentral.com *.triple8holdem.com *.888.com *.secured-qa.com *.secured-registration.com *.secureutils.com *.images4us.com *.onlinepersonalmessages.com *.888sport.com *.888sport.es *.888sport.it *.888sport.dk *.888sport.ro *.888sport.se *.888sport.us *.888sport.de *.777.com *.personalinfoonline.com *.888.de *.888casino.com *.888poker.com *.888casino.dk *.888poker.dk *.888.de *.888casino.ro *.888poker.ro *.888casino.se *.888poker.se *.888casino.es *.888poker.es *.888casino.it *.888poker.it *.888casino.us *.888poker.us *.888ladies.com *.888.pt cmsp *.harrahscasino.com *.wsop.com *.delawarepark.com *.doverdowns.com *.harringtongamingonline.com *.secured-igaming-services.com *.secured-igaming-usa.com *.igaming-services.com *.888.ca *.888casino.ca *.888poker.ca *.888sport.ca *.888.nl *.888casino.nl *.888poker.nl *.888sport.nl *.ar-888-casino.com *.888casino-ar.com *.ar888-casino.com *.arab888-casino.com *.casinoelarab-888.com *.alarab-888casino.com *.casinoalarab-888.com *.888casino-alarab.com *.888casino-arabian.com *.arabian-888casino.com *.888-casino-arabian.com *.888-casino-alarab.com *.ballysdover.com *.888casino-uae.com *.playat888-games.com *.888casino-game.com *.online-arabic-casino.net *.tripleeight.live *.playat888online.com *.888games-uae.com *.triple-eight-games.com *.play-casino-now.com *.888slots-uae.com *.888-uae.com *.mrgreen.de *.mrgreen.se *.mrgreen.com *.mrgreen.dk *.williamhill.com *.williamhill.local *.williamhill-pp2.com *.clevernt.com *.cleverwebserver.com
content-encoding: br
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
age: 1276
x-amz-cf-pop: FRA60-P1
x-cache: Hit from cloudfront
x-wcs-correlation-id: 8bzYhkRNFdmJ3xYObtpOrvBBl5xsBBjWsSulUvBY-ySjF4P5qzsF7A==
p3p: CP="Read our privacy policy at http://www.888.com/security-and-privacy/privacy-policy.htm"
alt-svc: h3=":443"; ma=86400
apigw-requestid: USn2wg70DoEEMJg=
last-modified: Fri, 08 Sep 2023 07:01:01 GMT
etag: W/"47663a22e2d91:0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800, must-revalidate
srv: 44304334
x-amz-cf-id: _yQk_AKZ13cYed2vGDHCjlBLV7_jmRWzen_QeZpuCThPQZI3YjfvNQ==

GET
H3 200 acqFullBackground.js Show response
www.888casino.it/IT/JS/main-files/ 15 KB
6 KB 33ms
32ms Script
application/javascript 13.32.121.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.888casino.it/IT/JS/main-files/acqFullBackground.js

Requested by

Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff

Protocol

Security

QUIC, , AES_128_GCM

Server

13.32.121.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-89.fra60.r.cloudfront.net

Software

Resource Hash

578b1c088a7fc405c93cb177a00a8c9a325cc1b4ee85e663dd1a9dc46808645e

Security Headers

Name

Value

Content-Security-Policy

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.genesazrak.com *.888casinoarabic.net *.arabiccasino888.com *.casinoarabic888.com *.casinoarabic-888.com *.888-casinoarabic.com *.888casino-arabic.com http://wrapper.safe-installation.com/ https://wrapper.safe-installation.com/ http://localhost:* https://localhost:* *.bingosys.net *.secured-igaming-usa.com *.888.pt *.sisportsbook.com *.888poker.de *.888slots.de *.safe-iplay.com http://*.safe-iplay.com http://*.888sport.com http://*.sisportsbook.com http://*.secured-igaming-usa.com *.safe-installation.com *.payoutscentral.com *.triple8holdem.com *.888.com *.secured-qa.com *.secured-registration.com *.secureutils.com *.images4us.com *.onlinepersonalmessages.com *.888sport.com *.888sport.es *.888sport.it *.888sport.dk *.888sport.ro *.888sport.se *.888sport.us *.888sport.de *.777.com *.personalinfoonline.com *.888.de *.888casino.com *.888poker.com *.888casino.dk *.888poker.dk *.888.de *.888casino.ro *.888poker.ro *.888casino.se *.888poker.se *.888casino.es *.888poker.es *.888casino.it *.888poker.it *.888casino.us *.888poker.us *.888ladies.com *.888.pt cmsp *.harrahscasino.com *.wsop.com *.delawarepark.com *.doverdowns.com *.harringtongamingonline.com *.secured-igaming-services.com *.secured-igaming-usa.com *.igaming-services.com *.888.ca *.888casino.ca *.888poker.ca *.888sport.ca *.888.nl *.888casino.nl *.888poker.nl *.888sport.nl *.ar-888-casino.com *.888casino-ar.com *.ar888-casino.com *.arab888-casino.com *.casinoelarab-888.com *.alarab-888casino.com *.casinoalarab-888.com *.888casino-alarab.com *.888casino-arabian.com *.arabian-888casino.com *.888-casino-arabian.com *.888-casino-alarab.com *.ballysdover.com *.888casino-uae.com *.playat888-games.com *.888casino-game.com *.online-arabic-casino.net *.tripleeight.live *.playat888online.com *.888games-uae.com *.triple-eight-games.com *.play-casino-now.com *.888slots-uae.com *.888-uae.com *.mrgreen.de *.mrgreen.se *.mrgreen.com *.mrgreen.dk *.williamhill.com *.williamhill.local *.williamhill-pp2.com *.clevernt.com *.cleverwebserver.com
content-encoding: gzip
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
date: Fri, 08 Mar 2024 03:31:29 GMT
age: 1276
x-amz-cf-pop: FRA60-P1
x-cache: Hit from cloudfront
x-wcs-correlation-id: SZKJGD4F6mR6kg3ub6s0mWnCDrxmJC3HpYc-4slpbgaqTHQyJzl5SA==
p3p: CP="Read our privacy policy at http://www.888.com/security-and-privacy/privacy-policy.htm"
alt-svc: h3=":443"; ma=86400
apigw-requestid: URHoYj7JDoEEJpg=
last-modified: Fri, 08 Sep 2023 07:00:48 GMT
etag: W/"84d24a3222e2d91:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800, must-revalidate
srv: 44302334
x-amz-cf-id: ubsalLUlUJ-6K46n_Xbj4Z3fX7Qe4vhbMzMSoU0OPxHYQSy5mfSEYA==

GET
H2 200 MTP-logo-1676371173930.png
images.images4us.com/888Casino_CGP_IT/IT/ 11 KB
11 KB 181ms
87ms Image
image/png 2600:9000:223e:d400:1d:fa70:cfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.images4us.com/888Casino_CGP_IT/IT/MTP-logo-1676371173930.png
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:d400:1d:fa70:cfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b67caf22a35e8b7e31c5532f83eb8eb21f4530aa87f2d1d18e899f90229a7f28

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 17:03:49 GMT
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
last-modified: Tue, 19 Dec 2023 12:07:29 GMT
x-amz-cf-pop: FRA56-P4
age: 6432536
etag: "fc9b11f07332da1:0"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 11253
x-amz-cf-id: MuaLxLPRHOKHLPXBd8Drb38pDBJr9-zY5_MWcqEHL1Wo9jnWGv8C5Q==

GET
H2 200 CAM-79195_Mobile-1702915921723.jpg
images.images4us.com/888Casino_CGP_IT/IT/ 113 KB
114 KB 124ms
30ms Image
image/jpeg 2600:9000:223e:d400:1d:fa70:cfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.images4us.com/888Casino_CGP_IT/IT/CAM-79195_Mobile-1702915921723.jpg
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:d400:1d:fa70:cfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9e8b3363afcd612a7506f936cef4d01befe5055bd08eea10d3fa10afb92d6cf2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:22:22 GMT
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
last-modified: Tue, 19 Dec 2023 12:07:29 GMT
x-amz-cf-pop: FRA56-P4
age: 6093023
etag: "723128f07332da1:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 116075
x-amz-cf-id: 5qzTmpDeFchgHJFxE0oc0TeV3r3dyzaGSBAI7I8egMbTEilLtEbtpA==

GET
H2 200 Sheild%20M2P-1676371601743_tcm1870-569366.png
images.images4us.com/888Casino_CGP_IT/IT/ 8 KB
8 KB 178ms
84ms Image
image/png 2600:9000:223e:d400:1d:fa70:cfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.images4us.com/888Casino_CGP_IT/IT/Sheild%20M2P-1676371601743_tcm1870-569366.png
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:d400:1d:fa70:cfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b33ecf2f63bc06a6a1a3821ae8442db4501469a36052773edbb1dc62f8f50f72

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 11:34:47 GMT
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 09:18:08 GMT
x-amz-cf-pop: FRA56-P4
age: 6970678
etag: "17434ef4122cda1:0"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 8123
x-amz-cf-id: AG_wI8ER-r2ywpkd3WT6V4OvBllA8lRR13dMKrYiNNP6jROlPyU1UQ==

GET
H2 200 sperator_white-1570520089985_tcm1870-465230.png
images.images4us.com/888Casino_CGP_IT/IT/ 109 B
472 B 77ms
76ms Image
image/png 2600:9000:223e:d400:1d:fa70:cfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.images4us.com/888Casino_CGP_IT/IT/sperator_white-1570520089985_tcm1870-465230.png
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:d400:1d:fa70:cfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 614a7ecd8cb6d55bac91e6f303401707c74632ac69a562e06695d2af4a99a8b5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 17:03:49 GMT
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
last-modified: Tue, 19 Dec 2023 12:07:29 GMT
x-amz-cf-pop: FRA56-P4
age: 6432536
etag: "134117f07332da1:0"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 109
x-amz-cf-id: f8xEn1JSoya-aKRtiD16v4AKXyEhY_penudwxy0r_IEF8zLzmArc4A==

GET
H2 200 18plus_white-1570520016318_tcm1870-465227.png
images.images4us.com/888Casino_CGP_IT/IT/ 914 B
1 KB 78ms
77ms Image
image/png 2600:9000:223e:d400:1d:fa70:cfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.images4us.com/888Casino_CGP_IT/IT/18plus_white-1570520016318_tcm1870-465227.png
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:d400:1d:fa70:cfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3d2bc7aaa49060a6767829051bf6b0b7bda6b866abe650a4e56f878d2c0e1f05

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 03:41:35 GMT
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 09:18:07 GMT
x-amz-cf-pop: FRA56-P4
age: 7517470
etag: "58342f4122cda1:0"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 914
x-amz-cf-id: Ip2YSFdm7XtrEY8mz4t298-Lts8ToV8wPrCMxFOLKs_YXNdwxyBkFA==

GET
H2 200 IT_responsible-01-1586335583782_tcm1870-479996.png
images.images4us.com/888Casino_CGP_IT/IT/ 15 KB
15 KB 82ms
81ms Image
image/png 2600:9000:223e:d400:1d:fa70:cfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.images4us.com/888Casino_CGP_IT/IT/IT_responsible-01-1586335583782_tcm1870-479996.png
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:d400:1d:fa70:cfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 273cce10d4a84f96bd90b67a53707554eae4414acd08319040a69413d2aec50e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 17:03:49 GMT
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
last-modified: Tue, 19 Dec 2023 12:07:29 GMT
x-amz-cf-pop: FRA56-P4
age: 6432536
etag: "81751af07332da1:0"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 15454
x-amz-cf-id: Tu4QzX00vIfMFOb1k3ftsryokq9LfUZtKYBZy_lZyiAzcM5xxtCajA==

GET
H2 200 lib.js Show response
storage.googleapis.com/cw-prod/ 6 KB
2 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:82b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/cw-prod/lib.js
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1bbc5774cc98b6dc2fd1aeb5da63f94d07fccc2415f0b82e4593ccac15a1993c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:45 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPrCOF1ux_LiOuoJpNRASjkq_86vOB_i-PjJDL4zJfmtVhwxqLvNsX7gzEK555sV1NnEo8PFwRh62A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1829
last-modified: Wed, 06 Mar 2024 13:43:13 GMT
server: UploadServer
etag: "824660b2ba3f4cf1e64c99e29ae5cb78"
x-goog-generation: 1709732593276705
x-goog-hash: crc32c=scHKjg==, md5=gkZgsro/TPHmTJnimuXLeA==
content-type: application/javascript
cache-control: no-cache,max-age=0,no-transform
x-goog-stored-content-length: 1829
accept-ranges: bytes
expires: Fri, 08 Mar 2024 03:52:45 GMT

GET
H2 200 32_6ca10c8e2014f7e59ce0b17a530801e4cfa30a48a97aad5d334833bbaefaee49_tracking.js Show response
cdn.optimizely.com/public/15304250335/27183480759/ 262 KB
82 KB 133ms
35ms Script
text/javascript 2a02:26f0:480:5b0::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/public/15304250335/27183480759/32_6ca10c8e2014f7e59ce0b17a530801e4cfa30a48a97aad5d334833bbaefaee49_tracking.js

Requested by

Host: optimizely-edge.com
URL: https://optimizely-edge.com/edge-client/v1/15304250335/27183480759

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:5b0::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6ca10c8e2014f7e59ce0b17a530801e4cfa30a48a97aad5d334833bbaefaee49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-meta-pci_enabled: True
x-amz-version-id: bOO9DzlsVoxiYZZgwSvBSPvkLY8mpwp1
content-encoding: gzip
date: Fri, 08 Mar 2024 03:52:45 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: E68P0RVN3B80HWN4
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 32
x-amz-replication-status: PENDING
server-timing: cdn-cache; desc=HIT, edge; dur=1, cdn;desc="AkamaiION";dur=0,rtt;desc="34";dur=0,cdnip;desc="2a02:26f0:480:5b0::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1709869965167_35115149_1020170812_36_2069_34_38_146";dur=1
content-length: 83140
x-amz-id-2: 8r0r1XvGpFnxrL+mjCxmasUVA+u8GwLd5X0AxDb7tiMLk/F+IEzoUtTk5ttAW3GH3SMcxCqgvBc=
last-modified: Thu, 07 Mar 2024 11:25:11 GMT
server: AmazonS3
etag: "f6f0f11c8c7bfc6d2f9d5f33394c27dc"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 415 KB
121 KB 99ms
38ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PQ2ZJ7J

Requested by

Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6831e816ebef6ed6a5d5537c616f6ecaab26e261fed04da28f5244bd64045a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123088
x-xss-protection: 0
last-modified: Fri, 08 Mar 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Mar 2024 03:52:45 GMT

GET
H2 200 main.js Show response
storage.googleapis.com/cw-prod/ 323 KB
74 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:82b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/cw-prod/main.js
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 76b924d989198b555d20987d22c0188545ead47ce59772eda8c9f35697c07d59

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:45 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPouuljHDqsQlFfwTUGMPIkk94w61bv0-8tLRe55vZ6YxAi5B2uMBiIrGwIWDDLmyZHDXvc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75884
last-modified: Wed, 06 Mar 2024 13:43:13 GMT
server: UploadServer
etag: "d6b0fb45715493b2b61eff9b35f8aac8"
x-goog-generation: 1709732593886360
x-goog-hash: crc32c=cfDZqw==, md5=1rD7RXFUk7K2Hv+bNfiqyA==
content-type: application/javascript
cache-control: no-cache,max-age=0,no-transform
x-goog-stored-content-length: 75884
accept-ranges: bytes
expires: Fri, 08 Mar 2024 03:52:45 GMT

GET
H2 200 Circle%20M2P%20-1665577612963_tcm1870-569367.png
images.images4us.com/888Casino_CGP_IT/IT/ 17 KB
17 KB 73ms
72ms Image
image/png 2600:9000:223e:d400:1d:fa70:cfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.images4us.com/888Casino_CGP_IT/IT/Circle%20M2P%20-1665577612963_tcm1870-569367.png
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:d400:1d:fa70:cfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b3f97bdfa28d959d0230309b44783e6717212e102a8c5c4d44c91578c25862fd

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:26:34 GMT
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
last-modified: Tue, 19 Dec 2023 12:07:29 GMT
x-amz-cf-pop: FRA56-P4
age: 5084771
etag: "9def21f07332da1:0"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 17224
x-amz-cf-id: wc6fmyKOhWK5BHVL9zpmooCpYfD8xCMHAsaKX21Qq3Rt-V2sspktpw==

GET
H2 200 CAM-79195_Desktop-1702915770009.jpg
images.images4us.com/888Casino_CGP_IT/IT/ 258 KB
259 KB 65ms
65ms Image
image/jpeg 2600:9000:223e:d400:1d:fa70:cfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.images4us.com/888Casino_CGP_IT/IT/CAM-79195_Desktop-1702915770009.jpg
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:d400:1d:fa70:cfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bf997a14e70bb530fbb1a61bf1b28af8913406c6ae4c30d48d569386e7b6462c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:22:22 GMT
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
last-modified: Tue, 19 Dec 2023 12:07:29 GMT
x-amz-cf-pop: FRA56-P4
age: 6093023
etag: "efd24f07332da1:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 264186
x-amz-cf-id: F-C_uwBKgwzVNM5LbPiBFeL5eWUpPEHX4geSUEXo_N4S6ADxXlDyug==

GET
H2 200 footer.css
storage.googleapis.com/cw-prod/ 45 KB
7 KB 52ms
52ms Stylesheet
text/css 2a00:1450:4001:82b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/cw-prod/footer.css
Requested by: Host: www.888casino.it
URL: https://www.888casino.it/IT/JS/main-files/acqFullBackground.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 977816ea761d03ac88e2867d087fcb97646aeb6362ef9f51bbbe4d21821ad1f2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:45 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPqmBnBrpSedPlubZ6nvMPAgjFrgbmbTbF7D9jPVBy6ruI-0EuJJX6X2pcPFyYqcr_M1gTflvhcumg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7317
last-modified: Wed, 06 Mar 2024 13:43:13 GMT
server: UploadServer
etag: "248298c26e962902b41a5270ee1beb69"
x-goog-generation: 1709732593323408
x-goog-hash: crc32c=6YPXmg==, md5=JIKYwm6WKQK0GlJw7hvraQ==
content-type: text/css
cache-control: no-cache,max-age=0,no-transform
x-goog-stored-content-length: 7317
accept-ranges: bytes
expires: Fri, 08 Mar 2024 03:52:45 GMT

GET
H2 200 it-footer-sprite.png
stage-casino-staticcontent.safe-iplay.com/assets/media/images/acq-full-background-template/ 17 KB
17 KB 126ms
30ms Image
image/png 2600:9000:2359:5400:3:1e5:8ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stage-casino-staticcontent.safe-iplay.com/assets/media/images/acq-full-background-template/it-footer-sprite.png
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/cw-prod/footer.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:5400:3:1e5:8ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d73920a12fff53e1984710d9cd686113e97c8c94e27d73934c42b1705852366

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://storage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:34:48 GMT
via: 1.1 9a97e41242551c9a56be1311e4d3db70.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
age: 1096
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 17271
last-modified: Mon, 04 Mar 2024 09:46:41 GMT
server: AmazonS3
etag: "caeb3957b66ce7ae1f2614fcf54ed45c"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=3600
accept-ranges: bytes
x-amz-cf-id: P0ds8NW217tEiMfT3JoIOD5W4vXWke___16ov_-DKQYmv7kaa5rxSg==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 67ms
32ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ2ZJ7J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ea1823078c462969eaa59d6ef62623c19d77b72e25a103105b043aefaa0769a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Mar 2024 03:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: TNPM/PizeaP1LGhMRcm7BA==
age: 33698
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Wed, 06 Mar 2024 17:32:11 GMT
server: cloudflare
etag: 0x8DC3E035B297D15
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f1e8725f-e01e-00a1-033c-70e2fe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 860fdfd35cc259ad-MXP

GET
H2 200 b8a61645-5e45-45d1-aa81-aaa0a412824e.json Show response
cdn.cookielaw.org/consent/b8a61645-5e45-45d1-aa81-aaa0a412824e/ 3 KB
2 KB 70ms
35ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b8a61645-5e45-45d1-aa81-aaa0a412824e/b8a61645-5e45-45d1-aa81-aaa0a412824e.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63f5683ffd8a00abe5ffec5d8eea77e76fda44f30973b7a2d2c947691e3eac90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Mar 2024 03:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 33697
content-md5: QSm4EkUgUtxPUXRV5//irg==
content-length: 1422
x-ms-lease-status: unlocked
last-modified: Mon, 25 Jul 2022 13:25:35 GMT
server: cloudflare
etag: 0x8DA6E41281B4B07
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 96795725-e01e-006a-0cc6-0be1ab000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 860fdfd3c9884bf6-MXP
expires: Sat, 09 Mar 2024 03:52:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
90 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1YFG8LJ90F&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ2ZJ7J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d165c8ea15012d3d1caa6964953d325d48925f25681003e1a8140f8761494a40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92159
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Mar 2024 03:52:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 68ms
16ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ2ZJ7J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 08 Mar 2024 03:51:41 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 64
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 08 Mar 2024 05:51:41 GMT

GET
H2 200 ba1424f147c2a.js Show response
t.contentsquare.net/uxa/ 336 KB
79 KB 132ms
43ms Script
application/javascript 18.244.18.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.contentsquare.net/uxa/ba1424f147c2a.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ2ZJ7J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-112.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3679d9abebe3a5c42438b69fb69f1adf604e2659b56429e40b4fc5686420d21b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 10:12:37 GMT
content-encoding: br
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 80736
last-modified: Wed, 06 Mar 2024 10:12:30 GMT
server: AmazonS3
etag: "8e3a30089d3e6f116b23793af949737a"
vary: Origin
content-type: application/javascript;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: _HJILqNNN1_btt8H9bacKkiot2QuBEUYLuEKaVNiT1tEVe5gz8HvWQ==

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 252 KB
69 KB 64ms
18ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: href.li
URL: https://href.li/?https://idygez.com/gosl/InNpZCI6MTI3NjA3OCwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c38b336f03108b44e85ed615a210c9832324f8d5f3efc8c418196fb0517750a9

Request headers

Referer: https://www.888casino.it/
Origin: https://www.888casino.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:53:45 GMT
content-encoding: br
age: 3540
x-guploader-uploadid: ABPtcPpwC8RlBCRx3P8AS3iISmF2MF17bUxjco5owFkKW2DvgRhmVHLeS39YBdu1ybDVurGhI_IOT2Tvzw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70374
last-modified: Thu, 07 Mar 2024 13:50:26 GMT
server: UploadServer
etag: "f14fadd940a61b9217c00dafdcacd622"
vary: Accept-Encoding
x-goog-generation: 1709819426398348
x-goog-hash: crc32c=RzMU9Q==, md5=8U+t2UCmG5IXwA2v3KzWIg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 70374
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 08 Mar 2024 03:53:45 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 69 B
317 B 71ms
37ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.888casino.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 860fdfd44e470e63-MXP
access-control-allow-headers: Content-Type

GET
H2 200 web Show response
edge.fullstory.com/s/settings/o-1APZPQ-na1/v1/ 4 KB
2 KB 17ms
17ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/o-1APZPQ-na1/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9e074330ccdd9b155912ea4bea675df2283c8514e33db05edd0ba4f5ae9baf3a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:38:44 GMT
content-encoding: gzip
age: 841
x-guploader-uploadid: ABPtcPp43Q2gSsG78LB5V7sG9yiSLYCbo90I8R0mgg4eESQTp2jgj1Z5a5QJAYvmYzNd9FBuL4wMz2KoXw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1224
last-modified: Tue, 05 Mar 2024 14:53:38 GMT
server: UploadServer
etag: "5bb9f84faaed01f98cb13212435d7187"
x-goog-generation: 1709650417992921
x-goog-hash: crc32c=pPS5wA==, md5=W7n4T6rtAfmMsTISQ11xhw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1224
accept-ranges: bytes
content-type: application/json
expires: Fri, 08 Mar 2024 03:53:44 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.34.0/ 348 KB
83 KB 31ms
31ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e88dafe889a514ea8b9b07747f53d08b66a473b7caa78645b4aa2167563651e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Mar 2024 03:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ywzctmjVIapkx83Pz3a+AQ==
age: 17582
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 84671
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:35 GMT
server: cloudflare
etag: 0x8DA3822B5C4CCF6
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 24814a3a-201e-0038-4ce6-1d9d43000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 860fdfd48d5259ad-MXP

POST
H2 202 page Show response
rs.fullstory.com/rec/ 76 B
275 B 189ms
135ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

60285b423af26b5aadd6df94a1923d8625aa9b92b1a8fea871e51b3fba6d2671

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.888casino.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Mar 2024 03:52:45 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.888casino.it
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76

GET
H2 200 xdframe-single-domain-1.2.0.html Show response
csxd.contentsquare.net/uxa/ Frame B8E8 2 KB
1 KB 143ms
26ms Document
text/html 2600:9000:2057:3000:1b:ed91:4680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://csxd.contentsquare.net/uxa/xdframe-single-domain-1.2.0.html?pid=70848
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/ba1424f147c2a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3000:1b:ed91:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 535feb1335a0a42ed2cd06f68cb63002dbda9d385ecd00fbbc0697ae98c6b32f

Request headers

Referer: https://www.888casino.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 4380872
cache-control: max-age=31536000
content-encoding: gzip
content-type: text/html
date: Wed, 17 Jan 2024 10:58:14 GMT
etag: W/"17303eed7f8afe41b1523ca58723426b"
last-modified: Fri, 04 Aug 2023 17:04:45 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-id: 1ru8RTjLJ3gyVARhr7b2unXHI6hfDiE1CiXW6bNENxAYgFU4S3FWNg==
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H2 200 it.json Show response
cdn.cookielaw.org/consent/b8a61645-5e45-45d1-aa81-aaa0a412824e/6451f36f-d3de-4feb-938f-4a21c97a5ed7/ 67 KB
16 KB 29ms
29ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b8a61645-5e45-45d1-aa81-aaa0a412824e/6451f36f-d3de-4feb-938f-4a21c97a5ed7/it.json

Requested by

Host: href.li
URL: https://href.li/?https://idygez.com/gosl/InNpZCI6MTI3NjA3OCwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a32df32f80914320eb97da78b55e3e219882d7f88f489e62d21b5855d7fa4b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Mar 2024 03:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 27536
content-md5: YA/g4a872t9EfSL+WcX8Lw==
content-length: 16292
x-ms-lease-status: unlocked
last-modified: Mon, 25 Jul 2022 13:25:36 GMT
server: cloudflare
etag: 0x8DA6E4128A8D140
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c08460e8-f01e-0059-54e7-1dbe00000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 860fdfd509df4bf6-MXP
expires: Sat, 09 Mar 2024 03:52:45 GMT

GET
BLOB 200
OK 94fbba43-b858-4645-ae44-7907f57b1017
https://www.888casino.it/ 7 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.888casino.it/94fbba43-b858-4645-ae44-7907f57b1017
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f438378880ba01aa0283717273100c7252a9a41ba9dfa33e89bdf5423dcfe91

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 7329
Content-Type: application/javascript

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 33ms
32ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1627401561&t=pageview&_s=1&dl=https%3A%2F%2Fwww.888casino.it%2Fofferta-speciale%2Fred-door.htm%3Futm_campaign%3D100138643_1842791_nodescription%26utm_content%3D100138643%26utm_medium%3Dcasap%26utm_source%3Daff&ul=en-us&de=UTF-8&dt=Gioca%20su%20888casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAICAAIg~&cid=702552542.1709869966&tid=UA-183049889-3&_gid=1678333013.1709869966&_slc=1&gtm=45He4360n81PQ2ZJ7Jv832208706za220&cd1=1842791&cd6=0&cd7=anon&cd9=https%3A%2F%2Fwww.888casino.it%2Fofferta-speciale%2Fred-door.htm&cd10=0&cd11=false&cd12=0&cd13=Bingo%20CD%20-%20N%2FA&cd14=0&cd15=Bingo%20CD%20-%20N%2FA&cd17=0&cd18=0&cd19=0&cd20=Bingo%20CD%20-%20N%2FA&cd21=Bingo%20CD%20-%20N%2FA&cd26=0&cd27=GTM-PQ2ZJ7J&gcs=G101&gcd=13q3v3q2q5&dma_cps=-&dma=1&npa=1&z=29025950

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.888casino.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 03:52:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.888casino.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect Show response
analytics.888casino.it/g/ 65 B
528 B 144ms
74ms XHR
text/plain 216.239.38.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.888casino.it/g/collect?v=2&tid=G-1YFG8LJ90F&gtm=45je4360v897577087z8832208706za220&_p=1709869965094&gcs=G101&gcd=13q3v3q2q5&npa=1&dma_cps=-&dma=1&cid=702552542.1709869966&ul=en-us&sr=1600x1200&_fplc=0&ur=IT-25&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=denied&sst.uc=IT&sst.rnd=652286699.1709869966&sst.gse=1&sst.etld=google.it&sst.gcsub=region1&sst.gcd=13q3v3q2q5&sst.tft=1709869965094&_s=1&sid=1709869965&sct=1&seg=0&dl=https%3A%2F%2Fwww.888casino.it%2Fofferta-speciale%2Fred-door.htm%3Futm_campaign%3D100138643_1842791_nodescription%26utm_content%3D100138643%26utm_medium%3Dcasap%26utm_source%3Daff&dt=Gioca%20su%20888casino&en=page_view&_fv=1&_ss=1&epn.serial=1842791&epn.subBrandId=46&ep.environment=production&ep.userStatus=Anonymous&ep.isFTD=false&ep.isNative=false&ep.country=ita&epn.timestamp_micros=1709869965373&tfd=1226&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1YFG8LJ90F&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2615.1e100.net

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 03:52:45 GMT
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://www.888casino.it
cache-control: no-cache
access-control-allow-credentials: true
x-accel-buffering: no
expires: Fri, 08 Mar 2024 03:52:45 GMT

GET
H2 200 otFloatingRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.34.0/assets/ 10 KB
3 KB 28ms
28ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/otFloatingRounded.json

Requested by

Host: href.li
URL: https://href.li/?https://idygez.com/gosl/InNpZCI6MTI3NjA3OCwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b2a793c91a6b4893ca1934faa1738d3fea531ba0f7bfbb4180c0abc7ccb6930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Mar 2024 03:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: GnBP1Tj0YWr4Qdbm7JUdUA==
age: 17582
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2586
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:25 GMT
server: cloudflare
etag: 0x8DA3822AFC3B334
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: db1241b2-d01e-0061-7f46-141ac0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 860fdfd569f74bf6-MXP

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.34.0/assets/v2/ 49 KB
12 KB 26ms
25ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/v2/otPcPanel.json

Requested by

Host: href.li
URL: https://href.li/?https://idygez.com/gosl/InNpZCI6MTI3NjA3OCwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa2a533259add5c6153cd3812130ed56ccecf82d5e0c3b44ad661e3722a3ad16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Mar 2024 03:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: hpvDwHPbzfRabRITP+pUfw==
age: 27535
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11724
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:28 GMT
server: cloudflare
etag: 0x8DA3822B15824D7
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a5d0045c-d01e-0013-661a-241d8f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 860fdfd569f84bf6-MXP

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.34.0/assets/ 21 KB
4 KB 27ms
27ms Fetch
text/css 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/otCommonStyles.css

Requested by

Host: href.li
URL: https://href.li/?https://idygez.com/gosl/InNpZCI6MTI3NjA3OCwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Mar 2024 03:52:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: /wtHD+oYY7dZRzCx50GZrQ==
age: 33695
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: eeca4071-b01e-0048-0f72-2224b4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 860fdfd569f94bf6-MXP

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1627401561&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.888casino.it%2Fofferta-speciale%2Fred-door.htm%3Futm_campaign%3D100138643_1842791_nodescription%26utm_content%3D100138643%26utm_medium%3Dcasap%26utm_source%3Daff&ul=en-us&de=UTF-8&dt=Gioca%20su%20888casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=undefined&ea=undefined&_u=aEDAAEABEAAAICAAIg~&cid=702552542.1709869966&tid=UA-183049889-3&_gid=1678333013.1709869966&gtm=45He4360n81PQ2ZJ7Jv832208706za220&cd1=1842791&cd6=0&cd7=anon&cd9=https%3A%2F%2Fwww.888casino.it%2Fofferta-speciale%2Fred-door.htm&cd10=0&cd11=false&cd12=0&cd13=Bingo%20CD%20-%20N%2FA&cd14=0&cd15=Bingo%20CD%20-%20N%2FA&cd17=0&cd18=0&cd19=0&cd20=Bingo%20CD%20-%20N%2FA&cd21=Bingo%20CD%20-%20N%2FA&cd26=0&cd27=GTM-PQ2ZJ7J&gcs=G101&gcd=13q3v3q2q5&dma_cps=-&dma=1&npa=1&z=528202263

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Mar 2024 15:19:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45173
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 3 KB
2 KB 30ms
29ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Mar 2024 03:52:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: LpuayL42jB78xRllx0vkOw==
age: 33696
x-ms-lease-status: unlocked
last-modified: Wed, 06 Mar 2024 17:32:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 8ac7cd97-801e-007c-075d-70177c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 860fdfd5be3459ad-MXP

GET
H2 204 pageview
c.az.contentsquare.net/ 0
19 B 236ms
48ms Image
text/plain 51.104.148.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.az.contentsquare.net/pageview?ex=&pvt=n&cvars=%7B%221%22%3A%5B%22subBrandId%22%2C%2246%22%5D%7D&cvarp=%7B%221%22%3A%5B%22subBrandId%22%2C%2246%22%5D%7D&la=en-US&uc=0&url=https%3A%2F%2Fwww.888casino.it%2Fofferta-speciale%2Fred-door.htm%3Futm_campaign%3D100138643_1842791_nodescription%26utm_content%3D100138643%26utm_medium%3Dcasap%26utm_source%3Daff&dr=&dw=1600&dh=1517&ww=1600&wh=1200&sw=1600&sh=1200&uu=3888cfa6-dcd3-a273-c4fc-b4880d3ff78c&sn=1&hd=1709869965&v=13.99.5&pid=70848&pn=1&r=280991
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.104.148.203 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 03:52:45 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 dvar
c.az.contentsquare.net/ 0
272 B 222ms
48ms Image
text/plain 51.104.148.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.az.contentsquare.net/dvar?v=13.99.5&pid=70848&pn=1&sn=1&uu=3888cfa6-dcd3-a273-c4fc-b4880d3ff78c&dv=H4sIAAAAAAAAAw2KOQ6AMAzA%2FpKZgQLi2hAzUx%2BAoragDk2qHgNC%2FJ1stuUXDmd9DbCCwYwRGtBck3ES8LpEdwwR%2FU0SVNuqfh6H%2FlTz0E2LOomtyyb5WDyTzDW7pAuWmmXfiOkJLPz99P1dH2cAAAA%3D&ct=2&r=634001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.104.148.203 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.888casino.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 03:52:45 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

POST
H2 200 exist Show response
srm.aa.contentsquare.net/ 2 B
67 B 158ms
50ms Fetch
application/json 4.208.65.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://srm.aa.contentsquare.net/exist?v=13.99.5&pid=70848&pn=1&sn=1&uu=3888cfa6-dcd3-a273-c4fc-b4880d3ff78c
Requested by: Host: href.li
URL: https://href.li/?https://idygez.com/gosl/InNpZCI6MTI3NjA3OCwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNjI0NjIs?si1=&si2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 4.208.65.156 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.888casino.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 08 Mar 2024 03:52:45 GMT
content-length: 2
content-type: application/json

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
482 B 180ms
131ms XHR
text/plain 34.111.140.246
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/15304250335/27183480759/32_6ca10c8e2014f7e59ce0b17a530801e4cfa30a48a97aad5d334833bbaefaee49_tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.140.246 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 246.140.111.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.888casino.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 08 Mar 2024 03:52:46 GMT
x-envoy-decorator-operation: events-smart-router.edp-prod.svc.cluster.local:8080/*
via: 1.1 google
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.888casino.it
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 2d6db5e5-7a15-4f6d-9a91-6d4e0cb96d65

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: worldfreshjournal.com
URL: https://worldfreshjournal.com/rhd?rb=gz0D7rVy5kP0PA_7ETfUBgTYaDMuDum8wI2wHNmO-7p6PbeCyWXypN-GNtvvnHTzaw86q6xCVSDnlsx6zFAtrxokVJZ-cxfgqKosrVUcKAE3I23DKiyQTnyZ1MFZJibO4vNrBoIYsaLBmBsbX1yhTiATMNf77qL2AcinEBQMBHTmfB3Tpj7otNWezdfs2yYKvb5bRt7B5jkIKN_zB9j3CJVhTZZa4oGlrVdggDs-5yTxqt27H7lXxCZcNVZ80RCtKeJibANftaHl8FszWvD8ukBoLmT0slRgtJHDTUEWPTblwj3WxpfcDTg8_8EkSfWkuqVyewQi0G1zwFwrueKX5GQkBOzAzcmHhAQsKjcmETz09fYLxfd7s7rGn2OssPohlcqQZeuGwcqe7csRpmbez9ZU4Fo3kRj1wDDlFSx0uQ5DTJfkUqVUCka7URIV_apXSINaTFQ-K3j-UJQSDOT5ZV0WHIlxoe4AC7-MOcKfg2xEX8r0Ed-2WxRSwVpzVbhLD1rNFR-38ttvyg2lPbl6RZdhAxXYtFnWvt1M4esws4o%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fworldfreshjournal.com%2F%3Fs%3D789814473669222655%26ssk%3Db5f26fa7cc263afb2e6daf1191689d5e%26svar%3D1709869963%26z%3D6849338%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6849338&var3=789814473669222655&ymid=&rhd=1&m=link

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ryymie.com/	1970-01-20 18:59:16	Name: truniq Value: 1
.ryymie.com/	1970-01-21 03:43:25	Name: prompt Value: 1
.ryymie.com/	1970-01-20 19:07:54	Name: ufp2 Value: 837bb4a6e595579884ad202033eb79d931a97c0d
mataoransolda.com/	1970-01-21 03:43:25	Name: OAID Value: 0480198604c94e6de57713d1d17972a7
mataoransolda.com/	1970-01-21 03:43:25	Name: oaidts Value: 1709869963
mataoransolda.com/	1970-01-20 18:59:16	Name: phpckd6849336 Value: true
mataoransolda.com/	1970-01-21 03:43:25	Name: allcnt Value: 1
my.rtmark.net/	1970-01-21 03:43:25	Name: ID Value: 0480198604c94e6de57713d1d17972a7
worldfreshjournal.com/	1970-01-21 03:43:25	Name: oaidts Value: 1709869963
worldfreshjournal.com/	1970-01-21 04:33:49	Name: syncedCookie Value: true
worldfreshjournal.com/	1970-01-21 03:43:25	Name: OAID Value: d52d5df177f4bbca4be5525870b74140
worldfreshjournal.com/	1970-01-20 18:57:50	Name: prefetchAd_4662728 Value: true
worldfreshjournal.com/	1970-01-20 18:57:53	Name: reverse Value: pXmxnQPasdQ7SnFFTROyaos9P-1gUOiIqmDC0iFHezQ
ic.aff-handler.com/	1970-01-20 19:41:01	Name: uffiliate_click_48365_1842791_ Value: uffiliate_click_48365_1842791_
.888casino.it/	1970-01-20 18:57:50	Name: 888Attribution Value: 1
.888casino.it/	1970-01-20 19:07:54	Name: 888Cookie Value: isftd%3Dfalse%26isHybrid%3Dfalse%26isreal%3Dfalse%26lang%3Dit%26OSR%3D1842791
.888casino.it/	1970-01-20 19:07:54	Name: 888TestData Value: %7B%22queryserial%22%3A%221842791%22%2C%22mm_id%22%3A%2248365%22%2C%22utm_source%22%3A%22aff%22%2C%22utm_medium%22%3A%22casap%22%2C%22utm_content%22%3A%22100138643%22%2C%22utm_campaign%22%3A%22100138643_1842791_nodescription%22%2C%22orig-lp%22%3A%22https%3A%2F%2Fwww.888casino.it%2Fofferta-speciale%2Fred-door.htm%22%2C%22substrategy%22%3A%22CasapStrategy%22%2C%22currentvisittype%22%3A%22Paid%22%2C%22strategy%22%3A%22ValidSerialInQueryParam%22%2C%22strategysource%22%3A%22currentvisit%22%2C%22datecreated%22%3A%222024-03-08T03%3A52%3A45.021Z%22%2C%22expiredat%22%3A%22Fri%2C%2015%20Mar%202024%2003%3A52%3A00%20GMT%22%7D
.888casino.it/	1970-01-20 23:17:01	Name: optimizelyEndUserId Value: oeu1709869965058r0.0124415600246226
.888casino.it/	1970-01-20 18:59:16	Name: _gid Value: GA1.2.1678333013.1709869966
.888casino.it/	1970-01-21 04:33:49	Name: _ga_1YFG8LJ90F Value: GS1.1.1709869965.1.0.1709869965.0.0.0
.888casino.it/	1970-01-21 04:33:49	Name: _ga Value: GA1.2.702552542.1709869966
.888casino.it/	1970-01-21 04:19:25	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Mar+08+2024+04%3A52%3A45+GMT%2B0100+(Central+European+Standard+Time)&version=6.34.0&isIABGlobal=false&hosts=&consentId=9320f9aa-6c66-49d1-87d8-b4b61f2bc644&interactionCount=0&landingPath=https%3A%2F%2Fwww.888casino.it%2Fofferta-speciale%2Fred-door.htm%3Futm_campaign%3D100138643_1842791_nodescription%26utm_content%3D100138643%26utm_medium%3Dcasap%26utm_source%3Daff&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A0
.888casino.it/	1970-01-21 04:27:13	Name: _cs_c Value: 0
.888casino.it/	1970-01-21 04:27:13	Name: _cs_id Value: 3888cfa6-dcd3-a273-c4fc-b4880d3ff78c.1709869965.1.1709869965.1709869965.1708676508.1744033965759.1
.csxd.contentsquare.net/	1970-01-21 04:27:13	Name: _cs_id___70848 Value: 3888cfa6-dcd3-a273-c4fc-b4880d3ff78c.1709869965.1.1709869965.1709869965.1708676508.1744033965759.1
.888casino.it/	1970-01-21 04:33:49	Name: FPID Value: FPID2.2.s49QlioQc73pTVGLZYEVfe10ZWYT4uE2ffK%2Bf%2F6wznE%3D.1709869966
.888casino.it/	1970-01-20 18:59:01	Name: FPLC Value: yzFa9b76kTaRR5Wv%2BItrTjcuEa1bYiMDdYDzJgSrz6Tyjfws9VuefCNiznOeEsS58ebc4t5PXvrcHg775njFiopOe37CqDL%2FyqYD1zAHIPfHCV3kZfOBP23aHcggWg%3D%3D
.888casino.it/	1970-01-20 18:57:51	Name: _cs_s Value: 1.5.0.1709871765999
.csxd.contentsquare.net/	1970-01-20 18:57:51	Name: _cs_s___70848 Value: 1.5.0.1709871765999

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://mataoransolda.com/partitial/5117867/?var=6849338&ab2r=0&prfrev=false&rhd=false&sf=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://worldfreshjournal.com/?s=789814473669222655&ssk=b5f26fa7cc263afb2e6daf1191689d5e&svar=1709869963&z=6849338&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.888casino.it/offerta-speciale/red-door.htm?utm_campaign=100138643_1842791_nodescription&utm_content=100138643&utm_medium=casap&utm_source=aff Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6zm.ryymie.com
analytics.888casino.it
c.az.contentsquare.net
cdn.cookielaw.org
cdn.optimizely.com
cdntechone.com
ceigix.com
csxd.contentsquare.net
datatechone.com
eb7.ryymie.com
edge.fullstory.com
geolocation.onetrust.com
h18.ryymie.com
himgta.com
href.li
ic.aff-handler.com
idygez.com
images.images4us.com
iplayer.website
jouteetu.net
l8u.ryymie.com
logx.optimizely.com
mataoransolda.com
mdakky.com
my.rtmark.net
optimizely-edge.com
qno.ryymie.com
roh.ryymie.com
rs.fullstory.com
ryymie.com
sdb.ryymie.com
srm.aa.contentsquare.net
stage-casino-staticcontent.safe-iplay.com
storage.googleapis.com
t.contentsquare.net
ujg.ryymie.com
wokoez.com
worldfreshjournal.com
www.888casino.it
www.google-analytics.com
www.googletagmanager.com
xh5.ryymie.com
jouteetu.net
worldfreshjournal.com
13.32.121.89
139.45.195.253
139.45.195.8
139.45.196.64
139.45.197.251
172.64.196.12
18.244.18.112
192.0.78.26
2001:4860:4802:32::178
216.239.38.21
217.147.127.42
2600:9000:2057:3000:1b:ed91:4680:93a1
2600:9000:223e:d400:1d:fa70:cfc0:93a1
2600:9000:2359:5400:3:1e5:8ac0:93a1
2606:4700:3034::6815:42b7
2606:4700:4400::6812:2089
2606:4700::6812:83ec
2606:4700::6812:a658
2a00:1450:4001:808::2008
2a00:1450:4001:82b::201b
2a02:26f0:480:5b0::13b8
2a02:b4a:1:7::5647:1
2a02:b4a:1:7::9165:1
2a06:98c1:3120::3
2a06:98c1:3121::3
31.220.27.98
34.102.137.201
34.111.140.246
35.186.194.58
35.201.112.186
4.208.65.156
51.104.148.203
95.47.161.64
0f438378880ba01aa0283717273100c7252a9a41ba9dfa33e89bdf5423dcfe91
0f5103d82f2fe4fbee1718d1d0b3691c91d4dcb2200d1ca122fe0d21132b5171
119023b23b71daaac29297729dddbf24f88960a4c310d8227e3badf81a776e01
1bbc5774cc98b6dc2fd1aeb5da63f94d07fccc2415f0b82e4593ccac15a1993c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
216cede34d915ac7819447d27a9fcd25953b17a03e7c608b91bfb8133c556556
22d681d737dd950077e4a2a383d676572307078cb2ce219b677f439af717eabd
273cce10d4a84f96bd90b67a53707554eae4414acd08319040a69413d2aec50e
2f06f8af82e74d695787c8c3edb56d9ff7193ad3d6e9b42deb3ec9472314d579
309ec8e35c84525cf1ee3daac74a22dcec61aa596c73057eb5fde00097ab882e
3679d9abebe3a5c42438b69fb69f1adf604e2659b56429e40b4fc5686420d21b
3d2bc7aaa49060a6767829051bf6b0b7bda6b866abe650a4e56f878d2c0e1f05
425c631201d7d64c4f5a934c39e7857279d9cf148900cb1f79c39ed29eb8d04c
43c2749336c9f0068187bf4582ad9be41dcc152df001987777864e9429d1e5a5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4845324802598b0a06d6ce48cbf395b85f43f9b4701afc7d32cd1fdeddd196dd
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4a18771cdff256e1f2575bae3a68f5b3ddac3660c37cdbfcecf1254c5927f43c
4b032651a0a4199cbba44d9213ec84926d868774d240e87b50070b471cb93fdd
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5071e0e67d26df6e91e0a1d5e89b9dd904db03c3965a0743fe2c72cd077ef812
535feb1335a0a42ed2cd06f68cb63002dbda9d385ecd00fbbc0697ae98c6b32f
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
578b1c088a7fc405c93cb177a00a8c9a325cc1b4ee85e663dd1a9dc46808645e
59741d83b5c94e924ea038afd91e98348045c4f14f9218924167369dd7225a8b
60285b423af26b5aadd6df94a1923d8625aa9b92b1a8fea871e51b3fba6d2671
614a7ecd8cb6d55bac91e6f303401707c74632ac69a562e06695d2af4a99a8b5
63f5683ffd8a00abe5ffec5d8eea77e76fda44f30973b7a2d2c947691e3eac90
6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679
6b2a793c91a6b4893ca1934faa1738d3fea531ba0f7bfbb4180c0abc7ccb6930
6c90a2fc7531b67cce6c4de6252a1677a1780dfc333de7b35f4648b2466c6d43
6ca10c8e2014f7e59ce0b17a530801e4cfa30a48a97aad5d334833bbaefaee49
700f7c7e4b6f7240c2e9cf8d275642d32b494991c78be5ae92388a0ae675f3db
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
75deecba21b76ca7e73ae35cf6f571a7520227cf666e6f6610fb99a39cb0eea8
76b924d989198b555d20987d22c0188545ead47ce59772eda8c9f35697c07d59
76d2557eeb69b8934253e2892c6a80cf8f27ecb31ca33605d798007a9b73d541
785c9ae55eb9710019f4b32060731514e6bf11d2fb96e0c5bc5dec7d2bfc9319
7ac32cac8cbe79a28748898ad0e5aee51f2f4e0d82e94ebe2ca369938d0212d6
7d3c4904e44ea0e4f89e47895404ca4067a4fb48f7eb155fd7a67b81583f7175
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a32df32f80914320eb97da78b55e3e219882d7f88f489e62d21b5855d7fa4b3
8d73920a12fff53e1984710d9cd686113e97c8c94e27d73934c42b1705852366
977816ea761d03ac88e2867d087fcb97646aeb6362ef9f51bbbe4d21821ad1f2
9d3fc0a3f3ebfbf5c57b425981294139b697dba5fe0179e9bfc812f29db5644d
9d5745f638eeaefbcca623c2080ea77cc8598dd02bfacc8ee229d2fc8c25539b
9dc15e2892ca9f3acda5aa7987586f4511deb6279067615285c049e6986ae0a8
9e074330ccdd9b155912ea4bea675df2283c8514e33db05edd0ba4f5ae9baf3a
9e8b3363afcd612a7506f936cef4d01befe5055bd08eea10d3fa10afb92d6cf2
9ea1823078c462969eaa59d6ef62623c19d77b72e25a103105b043aefaa0769a
a16931178b75b2750febc44c306b36fc6b9cc118064921a40091f47058bdc452
a7c122afdfb398ce3494c80d3b03aa8c7d100e5f529aa0c483bbd3dfc01817d1
af275f7873f170840c84eb5c22d58814e687ab5f0c68c30c3ddff845d876f61a
b23530a4d5c362f622fa45bd5cb727b04ba6a969d3de2ecac4fe494d2bae87a6
b33ecf2f63bc06a6a1a3821ae8442db4501469a36052773edbb1dc62f8f50f72
b3cc520b32db55dce4fc3c1da2431c2180fbbb2196b62f4f7c1cccd90a79294b
b3f97bdfa28d959d0230309b44783e6717212e102a8c5c4d44c91578c25862fd
b4ffa81baaad370e0818cbfcd8017d97f21aa0915c7e2474a4275e4b8721035c
b67caf22a35e8b7e31c5532f83eb8eb21f4530aa87f2d1d18e899f90229a7f28
ba6167c770fda9c25d16e8f09faeb8e4b1e59234bd5d543ae004e66d95753229
bee06d27f31bb80bc088523ea15be7cf7c39a16dec1330f83f1907b478d9db4e
bf997a14e70bb530fbb1a61bf1b28af8913406c6ae4c30d48d569386e7b6462c
c143e6d84c9d1bcca5d221a8430b357e02a438178d2a58e473c0505aabbff7be
c38b336f03108b44e85ed615a210c9832324f8d5f3efc8c418196fb0517750a9
d165c8ea15012d3d1caa6964953d325d48925f25681003e1a8140f8761494a40
da6c5ae398b9177de5f2363c507f1a93c9706c032f1d63a676db4e54ba445548
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0d227f2350ae6b49b5cc9dc6d81b0ad10528e074873710e20b67c151acaa8c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f14041768342aa780a55e702a30d939563af64fb2c19e37568bfa049a5694a
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e6831e816ebef6ed6a5d5537c616f6ecaab26e261fed04da28f5244bd64045a4
e6f1d853408b6f2048851e30279a946a17a9799e1ac1ad7113035ed52d54a817
e88dafe889a514ea8b9b07747f53d08b66a473b7caa78645b4aa2167563651e7
ed31555e2535e8c7c4d50a926caa89aa7ccf90c70939eb449d7416b77260feb2
ee0f88e6b4de01f11bc95ee59e6d31ef0fcb43f3e55f3a77b537bc27f5f9399c
f6c10f3a1cb50d433d2c7940b8e70a9c7f5e3d1d4dc4432bc887c92fed7150d3
f9aef914d782ee82c5a2c2e65b6514af8cc85f51a1ad28ecf5f8390a4e3a3da9
fa2a533259add5c6153cd3812130ed56ccecf82d5e0c3b44ad661e3722a3ad16

www.888casino.it Open in urlscan Pro 13.32.121.89 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

142 Requests

94 %HTTPS

45 %IPv6

27 Domains

42 Subdomains

30 IPs

7 Countries

2339 kBTransfer

4620 kBSize

29 Cookies

7 Outgoing links

Page URL History

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.888casino.it Open in urlscan Pro
13.32.121.89 Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

94 %
HTTPS

45 %
IPv6

27
Domains

42
Subdomains

30
IPs

7
Countries

2339 kB
Transfer

4620 kB
Size

29
Cookies

142 HTTP transactions
2 data transactions