king06.casino.domaturk.com Open in urlscan Pro
162.0.217.128 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://king06.casino.domaturk.com/
Submission: On March 10 via api (March 10th 2024, 2:03:00 pm UTC) from US — Scanned from US

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 17 HTTP transactions. The main IP is 162.0.217.128, located in Amsterdam, Netherlands and belongs to NAMECHEAP-NET, US. The main domain is king06.casino.domaturk.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 11th 2023. Valid for: a year.

This is the only time king06.casino.domaturk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	162.0.217.128 162.0.217.128	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:af6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
2	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	104.26.15.198 104.26.15.198	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3034::6815:5f61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	9

3 162.0.217.128 (Amsterdam, Netherlands) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: premium245-4.web-hosting.com

king06.casino.domaturk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
king33.casino	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:af6 (United States)

ASN13335 (CLOUDFLARENET, US)

progressier.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.15.198 (None, )

ASN13335 (CLOUDFLARENET, US)

www.cssscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

progressier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:5f61 (United States)

ASN13335 (CLOUDFLARENET, US)

pwa.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	54 KB
2	progressier.com progressier.com — Cisco Umbrella Rank: 182964	3 KB
2	king33.casino king33.casino Failed	6 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	60 KB
2	progressier.app progressier.app — Cisco Umbrella Rank: 290309	74 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	138 KB
1	pwa.xyz pwa.xyz — Cisco Umbrella Rank: 958999	98 KB
1	cssscript.com www.cssscript.com — Cisco Umbrella Rank: 319783	2 KB
1	domaturk.com king06.casino.domaturk.com	9 KB
17	9

	Domain	Requested by
3	cdn.jsdelivr.net	king06.casino.domaturk.com
2	progressier.com	progressier.app
2	king33.casino	king06.casino.domaturk.com king33.casino
2	code.jquery.com	king06.casino.domaturk.com king33.casino
2	progressier.app	king06.casino.domaturk.com progressier.app
2	cdnjs.cloudflare.com	king06.casino.domaturk.com cdnjs.cloudflare.com
1	pwa.xyz	king06.casino.domaturk.com
1	www.cssscript.com	king06.casino.domaturk.com
1	king06.casino.domaturk.com
17	9

This site contains no links.

Subject Issuer	Validity	Valid
*.web-hosting.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-11` - `2024-04-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
progressier.app GTS CA 1P5	`2024-02-27` - `2024-05-27`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
cssscript.com GTS CA 1P5	`2024-02-25` - `2024-05-25`	3 months	crt.sh
king33.casino Sectigo RSA Domain Validation Secure Server CA	`2024-02-14` - `2025-02-14`	a year	crt.sh
www.givtme.com GTS CA 1D4	`2024-02-13` - `2024-05-13`	3 months	crt.sh
pwa.xyz E1	`2024-02-16` - `2024-05-16`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://king06.casino.domaturk.com/
Frame ID: B5382C23B5182862D81AF48714AC08D7
Requests: 13 HTTP requests in this frame

Frame: https://king33.casino/index.php?q=https%3A%2F%2F2007slotpark.live%2F
Frame ID: 76772B19ACBCC947FE984F0AC09D8093
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

17
Requests

82 %
HTTPS

63 %
IPv6

9
Domains

9
Subdomains

9
IPs

3
Countries

445 kB
Transfer

1036 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://king33.casino/index.php?q=https%3A%2F%2F2000slotpark.com HTTP 301
https://king33.casino/index.php?q=https%3A%2F%2F2007slotpark.live%2F

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
king06.casino.domaturk.com/ 29 KB
9 KB 757ms
395ms Document
text/html 162.0.217.128
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://king06.casino.domaturk.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.217.128 Amsterdam, Netherlands, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium245-4.web-hosting.com
Software: LiteSpeed / PHP/8.1.27
Resource Hash: 182340d9c01a19647589ff100464336af0cac317801eedf981e08eac812c6643

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Mar 2024 14:02:46 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.1.27
x-turbo-charged-by: LiteSpeed

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/ 82 KB
15 KB 138ms
40ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

Requested by

Host: king06.casino.domaturk.com
URL: https://king06.casino.domaturk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king06.casino.domaturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 14:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 232253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14850
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "619c057b-3a02"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVSaBtZVFJrMFqPmRPMfK60%2Fknj0xS6YASq7x0sTMmmTrGedrz%2FVkJYoiZx7TfS47Kcx7TvFjJ9qzHuvXY%2Be3bavcYcW77E274j3Kn78RqtQtwdiudvIugtdrJRCUHX60%2BiUx%2FeevZmHcWw1O4JZBlK8"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8623d829d90d3376-MIA
expires: Fri, 28 Feb 2025 14:02:46 GMT

GET
H2 200 script.js Show response
progressier.app/3NiDLpElbWpBKFomQlh1/ 237 KB
73 KB 316ms
216ms Script
text/javascript 2606:4700:20::681a:af6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://progressier.app/3NiDLpElbWpBKFomQlh1/script.js

Requested by

Host: king06.casino.domaturk.com
URL: https://king06.casino.domaturk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:af6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

22f2d76a1cdda0f5afe93ef0fa372f741339de3680add8fffd1451de3acd33db

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king06.casino.domaturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 14:02:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
server: cloudflare
etag: W/"3b314-jUnXZkp7FS9w0Wrwjy2q0S4yihw"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8J1t2TAmcgaUn87gwxut9drlvle7rCK%2B4emXFJMeABwxlCqw5HGfZ79%2BOwTEDeCAE21EO6FCKR06V33khOV3jvs74WOjbbpHVIL2uX%2FWOOMexwAALs0hkQXo%2BWp%2FhXqqlPYVNqbPSn1A6DIPw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-cloud-trace-context: 2277c301d4aeb1838ec49517e99397a8;o=1
cache-control: public, max-age=3600, immutable
function-execution-id: 7ro9tdd8srly
x-frame-options: SAMEORIGIN
cf-ray: 8623d829d9ea571e-MIA
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/ 190 KB
30 KB 134ms
33ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/bootstrap.min.css

Requested by

Host: king06.casino.domaturk.com
URL: https://king06.casino.domaturk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://king06.casino.domaturk.com/
Origin: https://king06.casino.domaturk.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 10 Mar 2024 14:02:46 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1421309
x-jsd-version: 5.2.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30275
x-served-by: cache-fra-eddf8230090-FRA, cache-mia-kmia1760096-MIA
x-jsd-version-type: version
etag: W/"2f88b-Yz6bIW1g1A6raHMXUTTpNbVU+JE"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 135ms
32ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: king06.casino.domaturk.com
URL: https://king06.casino.domaturk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king06.casino.domaturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 14:02:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2536985
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-mia-kmia1760046-MIA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1710079367.698551,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 4, 404985

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/ 78 KB
24 KB 133ms
32ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js

Requested by

Host: king06.casino.domaturk.com
URL: https://king06.casino.domaturk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://king06.casino.domaturk.com/
Origin: https://king06.casino.domaturk.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 10 Mar 2024 14:02:46 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1429323
x-jsd-version: 5.2.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24474
x-served-by: cache-fra-eddf8230139-FRA, cache-mia-kmia1760096-MIA
x-jsd-version-type: version
etag: W/"137ae-xmO6oFGFa2TXRmKalh4ju/D7r4w"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap-show-toast.js Show response
www.cssscript.com/demo/bootstrap-5-toast-show/src/ 4 KB
2 KB 255ms
152ms Script
application/javascript 104.26.15.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cssscript.com/demo/bootstrap-5-toast-show/src/bootstrap-show-toast.js
Requested by: Host: king06.casino.domaturk.com
URL: https://king06.casino.domaturk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 169bba6e3ed01663d910ce8195d060ac0d7cfa8a411c50189e3876c56674a27f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king06.casino.domaturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 14:02:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 28 Sep 2022 14:22:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"633458a0-ffe"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5jnu9X87BeWXhxnUCvpAoAHYQn%2BguoTFVO7JQP3%2B%2BpcqWE23zg8Qvkk4SV0K8NNId55ByNi90CwF33miAtik%2BCs%2FfdZ5XB5FI6328%2Fsg6UHYSK3Lfepa9Y4oYl7RUVLQT9o"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-ray: 8623d829d89c3dd3-MIA
expires: Mon, 10 Mar 2025 14:02:46 GMT

GET 1.otf
king33.casino/ 0
0

GET
H2

200

index.php Show response
king33.casino/ Frame 7677
Redirect Chain

https://king33.casino/index.php?q=https%3A%2F%2F2000slotpark.com
https://king33.casino/index.php?q=https%3A%2F%2F2007slotpark.live%2F

17 KB
6 KB

490ms
490ms

Document
text/html

162.0.217.128
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://king33.casino/index.php?q=https%3A%2F%2F2007slotpark.live%2F
Requested by: Host: king06.casino.domaturk.com
URL: https://king06.casino.domaturk.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.217.128 Amsterdam, Netherlands, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium245-4.web-hosting.com
Software: LiteSpeed / PHP/8.1.27
Resource Hash: be499568fc1a804ef1d3781d3e325a59f780a17a6b162f5795b6b9879fb2b875

Request headers

Referer: https://king06.casino.domaturk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-store, no-cache, must-revalidate
content-disposition: filename=""
content-encoding: br
content-length: 5823
content-type: text/html;charset=UTF-8
date: Sun, 10 Mar 2024 14:02:48 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT 0
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.1.27
x-turbo-charged-by: LiteSpeed

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-disposition: filename=""
content-encoding: br
content-length: 5301
content-type: text/html;charset=UTF-8
date: Sun, 10 Mar 2024 14:02:47 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT 0
location: https://king33.casino/index.php?q=https%3A%2F%2F2007slotpark.live%2F
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.1.27
x-turbo-charged-by: LiteSpeed

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/ 122 KB
123 KB 78ms
41ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Origin: https://king06.casino.domaturk.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 14:02:46 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 236867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 125064
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "619c057b-1e888"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmboQAfXklJIGwO84wIrT2FnnxfehR3cUeLkX5IUPuFBoP6o8K9pWH9qV5zI7gQ2aK1ypZxU01keK3O1AUNtwQT7IBeR0YxvYXRXXBidDaXTIM9bSaVMcBW5xzdYOzIW6Fk6WT%2BdQEF9qMk7aMWeMYZT"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8623d82aeb83db29-MIA
expires: Fri, 28 Feb 2025 14:02:46 GMT

OPTIONS
H2 200 get-app
progressier.com/myapp/3NiDLpElbWpBKFomQlh1/ Frame 0
0 679ms
281ms Preflight
text/html 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://progressier.com/myapp/3NiDLpElbWpBKFomQlh1/get-app?version=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://king06.casino.domaturk.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000, immutable
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 10 Mar 2024 14:02:47 GMT
etag: W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
function-execution-id: jothcu7ej0t4
server: Google Frontend
strict-transport-security: max-age=31556926
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-cloud-trace-context: 83c17058c48386ce5d7fd1882af0c8fa
x-country-code: US
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-served-by: cache-mia-kmia1760039-MIA
x-timer: S1710079367.362326,VS0,VE248

GET
H2 200 get-app Show response
progressier.com/myapp/3NiDLpElbWpBKFomQlh1/ 6 KB
3 KB 300ms
298ms Fetch
application/json 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://progressier.com/myapp/3NiDLpElbWpBKFomQlh1/get-app?version=1

Requested by

Host: progressier.app
URL: https://progressier.app/3NiDLpElbWpBKFomQlh1/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

c570d887336205d72e9dad9714cce41a389c20f918a876468ae94e78df9ff3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://king06.casino.domaturk.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
date: Sun, 10 Mar 2024 14:02:47 GMT
x-powered-by: Express
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-served-by: cache-mia-kmia1760039-MIA
server: Google Frontend
x-timer: S1710079368.644631,VS0,VE266
etag: W/"17f4-BY0dSnY8VyWlHRUUEYv86kwue9g"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 8d837feda1570dc22f2ccbf3cb4e11f1
cache-control: no-store
function-execution-id: joth6ek0dcf1
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
accept-ranges: bytes
x-orig-accept-language: en-US,en;q=0.9
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
x-country-code: US
x-cache-hits: 0

GET
H2 200 progressier.json
progressier.app/3NiDLpElbWpBKFomQlh1/ 1021 B
1 KB 236ms
166ms Manifest
application/json 2606:4700:20::681a:af6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://progressier.app/3NiDLpElbWpBKFomQlh1/progressier.json

Requested by

Host: progressier.app
URL: https://progressier.app/3NiDLpElbWpBKFomQlh1/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:af6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1cfad87e9d671c82c9ab629ed963ce56abd727f267cd3cde07774fab5ca75e9c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king06.casino.domaturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 14:02:47 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
server: cloudflare
etag: W/"3fd-6B53tccT1/yrDOO5P4kYJaJasgI"
vary: origin, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zR%2BOW3km%2B6Z22nSWtfhi%2B6CGCPCa7%2FKhgZdM0QTSwD0cS3di7G7QLi%2BWyp7NKQ%2B%2BhGebnzVPebFmFOP01KvEzUEHOSjv9%2Fx0ZHFXTSdoqGH2NHw4bIamtJ%2FPB6VGMBK8KcxOiM5AlTfZtoM0DA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-cloud-trace-context: 40c9e262e46360d7567179b48dd7b699
cache-control: no-store
function-execution-id: 7ro9dvkssluk
x-frame-options: SAMEORIGIN
cf-ray: 8623d82bf8f1257d-MIA
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With

GET
H2 404 try.json Show response
cdn.jsdelivr.net/gh/fawazahmed0/currency-api@1/latest/currencies/ 55 B
256 B 314ms
313ms Fetch
text/plain 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/fawazahmed0/currency-api@1/latest/currencies/try.json

Requested by

Host: king06.casino.domaturk.com
URL: https://king06.casino.domaturk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

638214adc1cd65a1f9131f15dab04b773a909bc2305488ebc6b1374d9ff1021d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king06.casino.domaturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 10 Mar 2024 14:02:47 GMT
age: 0
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 60
x-served-by: cache-fra-etou8220055-FRA, cache-mia-kmia1760096-MIA
etag: W/"37-Fpj4hN0GslDgMbjNQ1Zc+52XK0w"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ZvJ17stZb8ntX3Ca9WgC%2FRRYKRAligBzjJMD.png
pwa.xyz/v0/b/pwaa-8d87e.appspot.com/o/ 97 KB
98 KB 477ms
362ms Image
image/png 2606:4700:3034::6815:5f61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pwa.xyz/v0/b/pwaa-8d87e.appspot.com/o/ZvJ17stZb8ntX3Ca9WgC%2FRRYKRAligBzjJMD.png?alt=media&token=ca92b7cf-5741-45ef-830c-214559d40a0a
Requested by: Host: king06.casino.domaturk.com
URL: https://king06.casino.domaturk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5f61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6689b79ff1f8a4fb6493691fb2a3b345396eb113afb5140b6afbb5e13efea0b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king06.casino.domaturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 14:02:48 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPrm-m0YJbyObAQbrkgLhDAp5YJgIw2HNv6UDxoXp-14KpJfAO6HVK5l3vlVlpKwG5yFzSnIrGWhTA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''RRYKRAligBzjJMD.png
alt-svc: h3=":443"; ma=86400
content-length: 99835
server: cloudflare
etag: "daf3a31a4c37880984631dc12323f6dc"
vary: Accept-Encoding
x-goog-generation: 1705454224840275
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=0xhBsw==, md5=2vOjGkw3iAmEYx3BIyP23A==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrUcZn93UP0cIB8UZOFw9F6cZSV6EJKSnmiqw9vyzt7ajvxrKBtjb0ch%2FFlBid5nDhzQfa5Za%2B%2FN5B4is39eoLhkFTwKXs%2BYQ3WT5ljyY9GUr1jUqI7AAUm2Emq7YDIcheZuUtaQ"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 99835
x-goog-meta-firebasestoragedownloadtokens: ca92b7cf-5741-45ef-830c-214559d40a0a
accept-ranges: bytes
cf-ray: 8623d8332cb05c63-MIA

GET
H2 200 jquery-3.7.1.min.js Show response
code.jquery.com/ Frame 7677 85 KB
30 KB 102ms
34ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.1.min.js
Requested by: Host: king33.casino
URL: https://king33.casino/index.php?q=https%3A%2F%2F2007slotpark.live%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

Referer: https://king33.casino/
Origin: https://king33.casino
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 14:02:48 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 14880693
x-cache: HIT, HIT
content-length: 30336
x-served-by: cache-lga21978-LGA, cache-mia-kmia1760020-MIA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1710079368.364479,VS0,VE0
etag: W/"28feccc0-155ed"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 32, 85627

GET 1.otf
king33.casino/ Frame 7677 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: king33.casino
URL: https://king33.casino/1.otf

Domain: king33.casino
URL: https://king33.casino/1.otf

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			king06.casino.domaturk.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: uam14mc0gnigdsq60576iq3ku6

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.jsdelivr.net/gh/fawazahmed0/currency-api@1/latest/currencies/try.json Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://king06.casino.domaturk.com/ Message: Access to font at 'https://king33.casino/1.otf' from origin 'https://king06.casino.domaturk.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://king33.casino/1.otf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
king06.casino.domaturk.com
king33.casino
progressier.app
progressier.com
pwa.xyz
www.cssscript.com
king33.casino
104.26.15.198
151.101.1.195
162.0.217.128
2606:4700:20::681a:af6
2606:4700:3034::6815:5f61
2606:4700::6811:180e
2a04:4e42:400::485
2a04:4e42:600::649
169bba6e3ed01663d910ce8195d060ac0d7cfa8a411c50189e3876c56674a27f
182340d9c01a19647589ff100464336af0cac317801eedf981e08eac812c6643
1cfad87e9d671c82c9ab629ed963ce56abd727f267cd3cde07774fab5ca75e9c
22f2d76a1cdda0f5afe93ef0fa372f741339de3680add8fffd1451de3acd33db
638214adc1cd65a1f9131f15dab04b773a909bc2305488ebc6b1374d9ff1021d
6689b79ff1f8a4fb6493691fb2a3b345396eb113afb5140b6afbb5e13efea0b4
94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
be499568fc1a804ef1d3781d3e325a59f780a17a6b162f5795b6b9879fb2b875
c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f
c570d887336205d72e9dad9714cce41a389c20f918a876468ae94e78df9ff3ee
ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

king06.casino.domaturk.com Open in urlscan Pro 162.0.217.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

17 Requests

82 %HTTPS

63 %IPv6

9 Domains

9 Subdomains

9 IPs

3 Countries

445 kBTransfer

1036 kBSize

1 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

3 Console Messages

Indicators

king06.casino.domaturk.com Open in urlscan Pro
162.0.217.128 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

82 %
HTTPS

63 %
IPv6

9
Domains

9
Subdomains

9
IPs

3
Countries

445 kB
Transfer

1036 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions